2011-02-17 15:23:58 +03:00
|
|
|
/* $NetBSD: hijack.c,v 1.45 2011/02/17 12:23:58 pooka Exp $ */
|
Begin work on a syscall hijacking library which can be LD_PRELOADed
to convince non-rumped applications to communicate with a rump
kernel instead of the host kernel. The precision of what goes
where is not exactly surgical, but for example when wanting to
debug a web server's TCP/IP stack interaction, it might be enough.
When all you have is a hand grenade, all problems look like a ....
hmm?
There's still plenty to figure out. For example, I'm not sure what
the user interface will be like. Now it just attempts to hijack
network communication. It also needs to sync with symbol renaming
in libc, and maybe autogenerate the non-schizophrenic wrappers
where the communication is heading to exactly one destination, lest
I'll be a mummmy by the time I finish writing them all. As a fun
example of a non-non-schizophrenic one, consider poll().
Work in progress, but I managed to get two non-rumped netcats
talking to each other or fetching the index from a non-rumped
thttpd. telnet works in one direction (i can read the data from
netcat, but anything i send back is not printed). bozohttpd uses
dup2() which i haven't bothered to address yet, etcetc.
(not hooking this up the build for now)
2011-01-07 22:52:43 +03:00
|
|
|
|
|
|
|
/*-
|
|
|
|
* Copyright (c) 2011 Antti Kantee. All Rights Reserved.
|
|
|
|
*
|
|
|
|
* Redistribution and use in source and binary forms, with or without
|
|
|
|
* modification, are permitted provided that the following conditions
|
|
|
|
* are met:
|
|
|
|
* 1. Redistributions of source code must retain the above copyright
|
|
|
|
* notice, this list of conditions and the following disclaimer.
|
|
|
|
* 2. Redistributions in binary form must reproduce the above copyright
|
|
|
|
* notice, this list of conditions and the following disclaimer in the
|
|
|
|
* documentation and/or other materials provided with the distribution.
|
|
|
|
*
|
|
|
|
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS
|
|
|
|
* OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
|
|
|
|
* WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
|
|
|
|
* DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
|
|
|
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
|
|
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
|
|
|
|
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
|
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
|
|
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
|
|
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
|
|
|
* SUCH DAMAGE.
|
|
|
|
*/
|
|
|
|
|
|
|
|
#include <sys/cdefs.h>
|
2011-02-17 15:23:58 +03:00
|
|
|
__RCSID("$NetBSD: hijack.c,v 1.45 2011/02/17 12:23:58 pooka Exp $");
|
2011-01-26 21:48:32 +03:00
|
|
|
|
|
|
|
#define __ssp_weak_name(fun) _hijack_ ## fun
|
Begin work on a syscall hijacking library which can be LD_PRELOADed
to convince non-rumped applications to communicate with a rump
kernel instead of the host kernel. The precision of what goes
where is not exactly surgical, but for example when wanting to
debug a web server's TCP/IP stack interaction, it might be enough.
When all you have is a hand grenade, all problems look like a ....
hmm?
There's still plenty to figure out. For example, I'm not sure what
the user interface will be like. Now it just attempts to hijack
network communication. It also needs to sync with symbol renaming
in libc, and maybe autogenerate the non-schizophrenic wrappers
where the communication is heading to exactly one destination, lest
I'll be a mummmy by the time I finish writing them all. As a fun
example of a non-non-schizophrenic one, consider poll().
Work in progress, but I managed to get two non-rumped netcats
talking to each other or fetching the index from a non-rumped
thttpd. telnet works in one direction (i can read the data from
netcat, but anything i send back is not printed). bozohttpd uses
dup2() which i haven't bothered to address yet, etcetc.
(not hooking this up the build for now)
2011-01-07 22:52:43 +03:00
|
|
|
|
|
|
|
#include <sys/param.h>
|
|
|
|
#include <sys/types.h>
|
2011-01-18 14:04:10 +03:00
|
|
|
#include <sys/event.h>
|
Begin work on a syscall hijacking library which can be LD_PRELOADed
to convince non-rumped applications to communicate with a rump
kernel instead of the host kernel. The precision of what goes
where is not exactly surgical, but for example when wanting to
debug a web server's TCP/IP stack interaction, it might be enough.
When all you have is a hand grenade, all problems look like a ....
hmm?
There's still plenty to figure out. For example, I'm not sure what
the user interface will be like. Now it just attempts to hijack
network communication. It also needs to sync with symbol renaming
in libc, and maybe autogenerate the non-schizophrenic wrappers
where the communication is heading to exactly one destination, lest
I'll be a mummmy by the time I finish writing them all. As a fun
example of a non-non-schizophrenic one, consider poll().
Work in progress, but I managed to get two non-rumped netcats
talking to each other or fetching the index from a non-rumped
thttpd. telnet works in one direction (i can read the data from
netcat, but anything i send back is not printed). bozohttpd uses
dup2() which i haven't bothered to address yet, etcetc.
(not hooking this up the build for now)
2011-01-07 22:52:43 +03:00
|
|
|
#include <sys/ioctl.h>
|
|
|
|
#include <sys/socket.h>
|
|
|
|
#include <sys/poll.h>
|
2011-02-17 15:23:58 +03:00
|
|
|
#include <sys/statvfs.h>
|
Begin work on a syscall hijacking library which can be LD_PRELOADed
to convince non-rumped applications to communicate with a rump
kernel instead of the host kernel. The precision of what goes
where is not exactly surgical, but for example when wanting to
debug a web server's TCP/IP stack interaction, it might be enough.
When all you have is a hand grenade, all problems look like a ....
hmm?
There's still plenty to figure out. For example, I'm not sure what
the user interface will be like. Now it just attempts to hijack
network communication. It also needs to sync with symbol renaming
in libc, and maybe autogenerate the non-schizophrenic wrappers
where the communication is heading to exactly one destination, lest
I'll be a mummmy by the time I finish writing them all. As a fun
example of a non-non-schizophrenic one, consider poll().
Work in progress, but I managed to get two non-rumped netcats
talking to each other or fetching the index from a non-rumped
thttpd. telnet works in one direction (i can read the data from
netcat, but anything i send back is not printed). bozohttpd uses
dup2() which i haven't bothered to address yet, etcetc.
(not hooking this up the build for now)
2011-01-07 22:52:43 +03:00
|
|
|
|
|
|
|
#include <rump/rumpclient.h>
|
|
|
|
#include <rump/rump_syscalls.h>
|
|
|
|
|
|
|
|
#include <assert.h>
|
|
|
|
#include <dlfcn.h>
|
|
|
|
#include <err.h>
|
|
|
|
#include <errno.h>
|
|
|
|
#include <fcntl.h>
|
|
|
|
#include <poll.h>
|
|
|
|
#include <pthread.h>
|
2011-01-08 21:11:46 +03:00
|
|
|
#include <signal.h>
|
Begin work on a syscall hijacking library which can be LD_PRELOADed
to convince non-rumped applications to communicate with a rump
kernel instead of the host kernel. The precision of what goes
where is not exactly surgical, but for example when wanting to
debug a web server's TCP/IP stack interaction, it might be enough.
When all you have is a hand grenade, all problems look like a ....
hmm?
There's still plenty to figure out. For example, I'm not sure what
the user interface will be like. Now it just attempts to hijack
network communication. It also needs to sync with symbol renaming
in libc, and maybe autogenerate the non-schizophrenic wrappers
where the communication is heading to exactly one destination, lest
I'll be a mummmy by the time I finish writing them all. As a fun
example of a non-non-schizophrenic one, consider poll().
Work in progress, but I managed to get two non-rumped netcats
talking to each other or fetching the index from a non-rumped
thttpd. telnet works in one direction (i can read the data from
netcat, but anything i send back is not printed). bozohttpd uses
dup2() which i haven't bothered to address yet, etcetc.
(not hooking this up the build for now)
2011-01-07 22:52:43 +03:00
|
|
|
#include <stdarg.h>
|
2011-01-17 19:27:54 +03:00
|
|
|
#include <stdbool.h>
|
Begin work on a syscall hijacking library which can be LD_PRELOADed
to convince non-rumped applications to communicate with a rump
kernel instead of the host kernel. The precision of what goes
where is not exactly surgical, but for example when wanting to
debug a web server's TCP/IP stack interaction, it might be enough.
When all you have is a hand grenade, all problems look like a ....
hmm?
There's still plenty to figure out. For example, I'm not sure what
the user interface will be like. Now it just attempts to hijack
network communication. It also needs to sync with symbol renaming
in libc, and maybe autogenerate the non-schizophrenic wrappers
where the communication is heading to exactly one destination, lest
I'll be a mummmy by the time I finish writing them all. As a fun
example of a non-non-schizophrenic one, consider poll().
Work in progress, but I managed to get two non-rumped netcats
talking to each other or fetching the index from a non-rumped
thttpd. telnet works in one direction (i can read the data from
netcat, but anything i send back is not printed). bozohttpd uses
dup2() which i haven't bothered to address yet, etcetc.
(not hooking this up the build for now)
2011-01-07 22:52:43 +03:00
|
|
|
#include <stdio.h>
|
|
|
|
#include <stdlib.h>
|
2011-02-06 18:48:20 +03:00
|
|
|
#include <string.h>
|
2011-01-08 21:11:46 +03:00
|
|
|
#include <time.h>
|
Begin work on a syscall hijacking library which can be LD_PRELOADed
to convince non-rumped applications to communicate with a rump
kernel instead of the host kernel. The precision of what goes
where is not exactly surgical, but for example when wanting to
debug a web server's TCP/IP stack interaction, it might be enough.
When all you have is a hand grenade, all problems look like a ....
hmm?
There's still plenty to figure out. For example, I'm not sure what
the user interface will be like. Now it just attempts to hijack
network communication. It also needs to sync with symbol renaming
in libc, and maybe autogenerate the non-schizophrenic wrappers
where the communication is heading to exactly one destination, lest
I'll be a mummmy by the time I finish writing them all. As a fun
example of a non-non-schizophrenic one, consider poll().
Work in progress, but I managed to get two non-rumped netcats
talking to each other or fetching the index from a non-rumped
thttpd. telnet works in one direction (i can read the data from
netcat, but anything i send back is not printed). bozohttpd uses
dup2() which i haven't bothered to address yet, etcetc.
(not hooking this up the build for now)
2011-01-07 22:52:43 +03:00
|
|
|
#include <unistd.h>
|
|
|
|
|
2011-01-25 15:18:33 +03:00
|
|
|
enum dualcall {
|
|
|
|
DUALCALL_WRITE, DUALCALL_WRITEV,
|
|
|
|
DUALCALL_IOCTL, DUALCALL_FCNTL,
|
|
|
|
DUALCALL_SOCKET, DUALCALL_ACCEPT, DUALCALL_BIND, DUALCALL_CONNECT,
|
|
|
|
DUALCALL_GETPEERNAME, DUALCALL_GETSOCKNAME, DUALCALL_LISTEN,
|
|
|
|
DUALCALL_RECVFROM, DUALCALL_RECVMSG,
|
|
|
|
DUALCALL_SENDTO, DUALCALL_SENDMSG,
|
|
|
|
DUALCALL_GETSOCKOPT, DUALCALL_SETSOCKOPT,
|
|
|
|
DUALCALL_SHUTDOWN,
|
|
|
|
DUALCALL_READ, DUALCALL_READV,
|
2011-02-15 17:01:52 +03:00
|
|
|
DUALCALL_DUP2,
|
2011-02-08 17:45:35 +03:00
|
|
|
DUALCALL_CLOSE,
|
2011-01-25 15:18:33 +03:00
|
|
|
DUALCALL_POLLTS,
|
2011-02-08 17:45:35 +03:00
|
|
|
DUALCALL_KEVENT,
|
2011-02-17 15:23:58 +03:00
|
|
|
DUALCALL_STAT, DUALCALL_LSTAT, DUALCALL_FSTAT,
|
|
|
|
DUALCALL_CHMOD, DUALCALL_LCHMOD, DUALCALL_FCHMOD,
|
|
|
|
DUALCALL_CHOWN, DUALCALL_LCHOWN, DUALCALL_FCHOWN,
|
|
|
|
DUALCALL_OPEN,
|
|
|
|
DUALCALL_STATVFS1, DUALCALL_FSTATVFS1,
|
|
|
|
DUALCALL_CHDIR, DUALCALL_FCHDIR,
|
|
|
|
DUALCALL_LSEEK,
|
|
|
|
DUALCALL_GETDENTS,
|
|
|
|
DUALCALL_UNLINK, DUALCALL_SYMLINK, DUALCALL_READLINK,
|
|
|
|
DUALCALL_RENAME,
|
|
|
|
DUALCALL_MKDIR, DUALCALL_RMDIR,
|
|
|
|
DUALCALL_UTIMES, DUALCALL_LUTIMES, DUALCALL_FUTIMES,
|
|
|
|
DUALCALL_TRUNCATE, DUALCALL_FTRUNCATE,
|
|
|
|
DUALCALL_FSYNC, DUALCALL_FSYNC_RANGE,
|
2011-01-25 15:18:33 +03:00
|
|
|
DUALCALL__NUM
|
Begin work on a syscall hijacking library which can be LD_PRELOADed
to convince non-rumped applications to communicate with a rump
kernel instead of the host kernel. The precision of what goes
where is not exactly surgical, but for example when wanting to
debug a web server's TCP/IP stack interaction, it might be enough.
When all you have is a hand grenade, all problems look like a ....
hmm?
There's still plenty to figure out. For example, I'm not sure what
the user interface will be like. Now it just attempts to hijack
network communication. It also needs to sync with symbol renaming
in libc, and maybe autogenerate the non-schizophrenic wrappers
where the communication is heading to exactly one destination, lest
I'll be a mummmy by the time I finish writing them all. As a fun
example of a non-non-schizophrenic one, consider poll().
Work in progress, but I managed to get two non-rumped netcats
talking to each other or fetching the index from a non-rumped
thttpd. telnet works in one direction (i can read the data from
netcat, but anything i send back is not printed). bozohttpd uses
dup2() which i haven't bothered to address yet, etcetc.
(not hooking this up the build for now)
2011-01-07 22:52:43 +03:00
|
|
|
};
|
|
|
|
|
2011-01-17 19:27:54 +03:00
|
|
|
#define RSYS_STRING(a) __STRING(a)
|
|
|
|
#define RSYS_NAME(a) RSYS_STRING(__CONCAT(RUMP_SYS_RENAME_,a))
|
|
|
|
|
2011-01-18 22:41:02 +03:00
|
|
|
/*
|
|
|
|
* Would be nice to get this automatically in sync with libc.
|
|
|
|
* Also, this does not work for compat-using binaries!
|
|
|
|
*/
|
|
|
|
#if !__NetBSD_Prereq__(5,99,7)
|
2011-02-07 13:28:18 +03:00
|
|
|
#define REALSELECT select
|
|
|
|
#define REALPOLLTS pollts
|
2011-02-08 17:45:35 +03:00
|
|
|
#define REALKEVENT kevent
|
2011-02-17 15:23:58 +03:00
|
|
|
#define REALSTAT __stat30
|
|
|
|
#define REALLSTAT __lstat30
|
|
|
|
#define REALFSTAT __fstat30
|
|
|
|
#define REALUTIMES utimes
|
|
|
|
#define REALLUTIMES lutimes
|
|
|
|
#define REALFUTIMES futimes
|
2011-01-18 22:41:02 +03:00
|
|
|
#else
|
2011-02-07 13:28:18 +03:00
|
|
|
#define REALSELECT _sys___select50
|
|
|
|
#define REALPOLLTS _sys___pollts50
|
2011-02-08 17:45:35 +03:00
|
|
|
#define REALKEVENT _sys___kevent50
|
2011-02-17 15:23:58 +03:00
|
|
|
#define REALSTAT __stat50
|
|
|
|
#define REALLSTAT __lstat50
|
|
|
|
#define REALFSTAT __fstat50
|
|
|
|
#define REALUTIMES __utimes50
|
|
|
|
#define REALLUTIMES __lutimes50
|
|
|
|
#define REALFUTIMES __futimes50
|
2011-01-25 15:18:33 +03:00
|
|
|
#endif
|
2011-02-07 15:23:05 +03:00
|
|
|
#define REALREAD _sys_read
|
2011-02-17 15:23:58 +03:00
|
|
|
#define REALGETDENTS __getdents30
|
2011-01-18 22:41:02 +03:00
|
|
|
|
2011-02-07 13:28:18 +03:00
|
|
|
int REALSELECT(int, fd_set *, fd_set *, fd_set *, struct timeval *);
|
|
|
|
int REALPOLLTS(struct pollfd *, nfds_t,
|
2011-01-25 20:37:00 +03:00
|
|
|
const struct timespec *, const sigset_t *);
|
2011-02-08 17:45:35 +03:00
|
|
|
int REALKEVENT(int, const struct kevent *, size_t, struct kevent *, size_t,
|
|
|
|
const struct timespec *);
|
2011-02-07 15:23:05 +03:00
|
|
|
ssize_t REALREAD(int, void *, size_t);
|
2011-02-17 15:23:58 +03:00
|
|
|
int REALSTAT(const char *, struct stat *);
|
|
|
|
int REALLSTAT(const char *, struct stat *);
|
|
|
|
int REALFSTAT(int, struct stat *);
|
|
|
|
int REALGETDENTS(int, char *, size_t);
|
|
|
|
int REALUTIMES(const char *, const struct timeval [2]);
|
|
|
|
int REALLUTIMES(const char *, const struct timeval [2]);
|
|
|
|
int REALFUTIMES(int, const struct timeval [2]);
|
2011-01-25 15:18:33 +03:00
|
|
|
|
|
|
|
#define S(a) __STRING(a)
|
|
|
|
struct sysnames {
|
|
|
|
enum dualcall scm_callnum;
|
|
|
|
const char *scm_hostname;
|
|
|
|
const char *scm_rumpname;
|
|
|
|
} syscnames[] = {
|
|
|
|
{ DUALCALL_SOCKET, "__socket30", RSYS_NAME(SOCKET) },
|
|
|
|
{ DUALCALL_ACCEPT, "accept", RSYS_NAME(ACCEPT) },
|
|
|
|
{ DUALCALL_BIND, "bind", RSYS_NAME(BIND) },
|
|
|
|
{ DUALCALL_CONNECT, "connect", RSYS_NAME(CONNECT) },
|
|
|
|
{ DUALCALL_GETPEERNAME, "getpeername", RSYS_NAME(GETPEERNAME) },
|
|
|
|
{ DUALCALL_GETSOCKNAME, "getsockname", RSYS_NAME(GETSOCKNAME) },
|
|
|
|
{ DUALCALL_LISTEN, "listen", RSYS_NAME(LISTEN) },
|
|
|
|
{ DUALCALL_RECVFROM, "recvfrom", RSYS_NAME(RECVFROM) },
|
|
|
|
{ DUALCALL_RECVMSG, "recvmsg", RSYS_NAME(RECVMSG) },
|
|
|
|
{ DUALCALL_SENDTO, "sendto", RSYS_NAME(SENDTO) },
|
|
|
|
{ DUALCALL_SENDMSG, "sendmsg", RSYS_NAME(SENDMSG) },
|
|
|
|
{ DUALCALL_GETSOCKOPT, "getsockopt", RSYS_NAME(GETSOCKOPT) },
|
|
|
|
{ DUALCALL_SETSOCKOPT, "setsockopt", RSYS_NAME(SETSOCKOPT) },
|
|
|
|
{ DUALCALL_SHUTDOWN, "shutdown", RSYS_NAME(SHUTDOWN) },
|
2011-02-07 15:23:05 +03:00
|
|
|
{ DUALCALL_READ, S(REALREAD), RSYS_NAME(READ) },
|
2011-01-25 15:18:33 +03:00
|
|
|
{ DUALCALL_READV, "readv", RSYS_NAME(READV) },
|
|
|
|
{ DUALCALL_WRITE, "write", RSYS_NAME(WRITE) },
|
|
|
|
{ DUALCALL_WRITEV, "writev", RSYS_NAME(WRITEV) },
|
|
|
|
{ DUALCALL_IOCTL, "ioctl", RSYS_NAME(IOCTL) },
|
|
|
|
{ DUALCALL_FCNTL, "fcntl", RSYS_NAME(FCNTL) },
|
|
|
|
{ DUALCALL_DUP2, "dup2", RSYS_NAME(DUP2) },
|
|
|
|
{ DUALCALL_CLOSE, "close", RSYS_NAME(CLOSE) },
|
2011-02-07 13:28:18 +03:00
|
|
|
{ DUALCALL_POLLTS, S(REALPOLLTS), RSYS_NAME(POLLTS) },
|
2011-02-08 17:45:35 +03:00
|
|
|
{ DUALCALL_KEVENT, S(REALKEVENT), RSYS_NAME(KEVENT) },
|
2011-02-17 15:23:58 +03:00
|
|
|
{ DUALCALL_STAT, S(REALSTAT), RSYS_NAME(STAT) },
|
|
|
|
{ DUALCALL_LSTAT, S(REALLSTAT), RSYS_NAME(LSTAT) },
|
|
|
|
{ DUALCALL_FSTAT, S(REALFSTAT), RSYS_NAME(FSTAT) },
|
|
|
|
{ DUALCALL_CHOWN, "chown", RSYS_NAME(CHOWN) },
|
|
|
|
{ DUALCALL_LCHOWN, "lchown", RSYS_NAME(LCHOWN) },
|
|
|
|
{ DUALCALL_FCHOWN, "fchown", RSYS_NAME(FCHOWN) },
|
|
|
|
{ DUALCALL_CHMOD, "chmod", RSYS_NAME(CHMOD) },
|
|
|
|
{ DUALCALL_LCHMOD, "lchmod", RSYS_NAME(LCHMOD) },
|
|
|
|
{ DUALCALL_FCHMOD, "fchmod", RSYS_NAME(FCHMOD) },
|
|
|
|
{ DUALCALL_UTIMES, S(REALUTIMES), RSYS_NAME(UTIMES) },
|
|
|
|
{ DUALCALL_LUTIMES, S(REALLUTIMES), RSYS_NAME(LUTIMES) },
|
|
|
|
{ DUALCALL_FUTIMES, S(REALFUTIMES), RSYS_NAME(FUTIMES) },
|
|
|
|
{ DUALCALL_OPEN, "open", RSYS_NAME(OPEN) },
|
|
|
|
{ DUALCALL_STATVFS1, "statvfs1", RSYS_NAME(STATVFS1) },
|
|
|
|
{ DUALCALL_FSTATVFS1, "fstatvfs1", RSYS_NAME(FSTATVFS1) },
|
|
|
|
{ DUALCALL_CHDIR, "chdir", RSYS_NAME(CHDIR) },
|
|
|
|
{ DUALCALL_FCHDIR, "fchdir", RSYS_NAME(FCHDIR) },
|
|
|
|
{ DUALCALL_LSEEK, "lseek", RSYS_NAME(LSEEK) },
|
|
|
|
{ DUALCALL_GETDENTS, "__getdents30", RSYS_NAME(GETDENTS) },
|
|
|
|
{ DUALCALL_UNLINK, "unlink", RSYS_NAME(UNLINK) },
|
|
|
|
{ DUALCALL_SYMLINK, "symlink", RSYS_NAME(SYMLINK) },
|
|
|
|
{ DUALCALL_READLINK, "readlink", RSYS_NAME(READLINK) },
|
|
|
|
{ DUALCALL_RENAME, "rename", RSYS_NAME(RENAME) },
|
|
|
|
{ DUALCALL_MKDIR, "mkdir", RSYS_NAME(MKDIR) },
|
|
|
|
{ DUALCALL_RMDIR, "rmdir", RSYS_NAME(RMDIR) },
|
|
|
|
{ DUALCALL_TRUNCATE, "truncate", RSYS_NAME(TRUNCATE) },
|
|
|
|
{ DUALCALL_FTRUNCATE, "ftruncate", RSYS_NAME(FTRUNCATE) },
|
|
|
|
{ DUALCALL_FSYNC, "fsync", RSYS_NAME(FSYNC) },
|
|
|
|
{ DUALCALL_FSYNC_RANGE, "fsync_range", RSYS_NAME(FSYNC_RANGE) },
|
2011-01-25 15:18:33 +03:00
|
|
|
};
|
|
|
|
#undef S
|
|
|
|
|
|
|
|
struct bothsys {
|
|
|
|
void *bs_host;
|
|
|
|
void *bs_rump;
|
|
|
|
} syscalls[DUALCALL__NUM];
|
|
|
|
#define GETSYSCALL(which, name) syscalls[DUALCALL_##name].bs_##which
|
|
|
|
|
2011-02-05 19:57:39 +03:00
|
|
|
pid_t (*host_fork)(void);
|
|
|
|
int (*host_daemon)(int, int);
|
2011-02-14 17:56:23 +03:00
|
|
|
int (*host_execve)(const char *, char *const[], char *const[]);
|
2011-01-25 15:18:33 +03:00
|
|
|
|
2011-02-15 16:59:28 +03:00
|
|
|
static uint32_t dup2mask;
|
|
|
|
#define ISDUP2D(fd) (((fd) < 32) && (1<<(fd) & dup2mask))
|
|
|
|
#define SETDUP2(fd) \
|
|
|
|
do { if ((fd) < 32) dup2mask |= (1<<(fd)); } while (/*CONSTCOND*/0)
|
|
|
|
#define CLRDUP2(fd) \
|
|
|
|
do { if ((fd) < 32) dup2mask &= ~(1<<(fd)); } while (/*CONSTCOND*/0)
|
2011-01-25 15:18:33 +03:00
|
|
|
|
|
|
|
//#define DEBUGJACK
|
|
|
|
#ifdef DEBUGJACK
|
|
|
|
#define DPRINTF(x) mydprintf x
|
|
|
|
static void
|
|
|
|
mydprintf(const char *fmt, ...)
|
|
|
|
{
|
|
|
|
va_list ap;
|
|
|
|
|
|
|
|
if (ISDUP2D(STDERR_FILENO))
|
|
|
|
return;
|
|
|
|
|
|
|
|
va_start(ap, fmt);
|
|
|
|
vfprintf(stderr, fmt, ap);
|
|
|
|
va_end(ap);
|
|
|
|
}
|
|
|
|
|
|
|
|
#else
|
|
|
|
#define DPRINTF(x)
|
2011-01-18 22:41:02 +03:00
|
|
|
#endif
|
|
|
|
|
2011-01-25 15:18:33 +03:00
|
|
|
#define FDCALL(type, name, rcname, args, proto, vars) \
|
|
|
|
type name args \
|
|
|
|
{ \
|
|
|
|
type (*fun) proto; \
|
|
|
|
\
|
2011-02-08 15:20:11 +03:00
|
|
|
DPRINTF(("%s -> %d\n", __STRING(name), fd)); \
|
2011-01-25 15:18:33 +03:00
|
|
|
if (fd_isrump(fd)) { \
|
|
|
|
fun = syscalls[rcname].bs_rump; \
|
|
|
|
fd = fd_host2rump(fd); \
|
|
|
|
} else { \
|
|
|
|
fun = syscalls[rcname].bs_host; \
|
|
|
|
} \
|
|
|
|
\
|
|
|
|
return fun vars; \
|
|
|
|
}
|
|
|
|
|
2011-02-17 15:23:58 +03:00
|
|
|
#define PATHCALL(type, name, rcname, args, proto, vars) \
|
|
|
|
type name args \
|
|
|
|
{ \
|
|
|
|
type (*fun) proto; \
|
|
|
|
\
|
|
|
|
DPRINTF(("%s -> %s\n", __STRING(name), path)); \
|
|
|
|
if (path_isrump(path)) { \
|
|
|
|
fun = syscalls[rcname].bs_rump; \
|
|
|
|
path = path_host2rump(path); \
|
|
|
|
} else { \
|
|
|
|
fun = syscalls[rcname].bs_host; \
|
|
|
|
} \
|
|
|
|
\
|
|
|
|
return fun vars; \
|
|
|
|
}
|
|
|
|
|
Begin work on a syscall hijacking library which can be LD_PRELOADed
to convince non-rumped applications to communicate with a rump
kernel instead of the host kernel. The precision of what goes
where is not exactly surgical, but for example when wanting to
debug a web server's TCP/IP stack interaction, it might be enough.
When all you have is a hand grenade, all problems look like a ....
hmm?
There's still plenty to figure out. For example, I'm not sure what
the user interface will be like. Now it just attempts to hijack
network communication. It also needs to sync with symbol renaming
in libc, and maybe autogenerate the non-schizophrenic wrappers
where the communication is heading to exactly one destination, lest
I'll be a mummmy by the time I finish writing them all. As a fun
example of a non-non-schizophrenic one, consider poll().
Work in progress, but I managed to get two non-rumped netcats
talking to each other or fetching the index from a non-rumped
thttpd. telnet works in one direction (i can read the data from
netcat, but anything i send back is not printed). bozohttpd uses
dup2() which i haven't bothered to address yet, etcetc.
(not hooking this up the build for now)
2011-01-07 22:52:43 +03:00
|
|
|
/*
|
|
|
|
* This is called from librumpclient in case of LD_PRELOAD.
|
|
|
|
* It ensures correct RTLD_NEXT.
|
2011-02-07 22:34:39 +03:00
|
|
|
*
|
|
|
|
* ... except, it's apparently extremely difficult to force
|
|
|
|
* at least gcc to generate an actual stack frame here. So
|
|
|
|
* sprinkle some volatile foobar and baz to throw the optimizer
|
|
|
|
* off the scent and generate a variable assignment with the
|
|
|
|
* return value. The posterboy for this meltdown is amd64
|
|
|
|
* with -O2. At least with gcc 4.1.3 i386 works regardless of
|
|
|
|
* optimization.
|
Begin work on a syscall hijacking library which can be LD_PRELOADed
to convince non-rumped applications to communicate with a rump
kernel instead of the host kernel. The precision of what goes
where is not exactly surgical, but for example when wanting to
debug a web server's TCP/IP stack interaction, it might be enough.
When all you have is a hand grenade, all problems look like a ....
hmm?
There's still plenty to figure out. For example, I'm not sure what
the user interface will be like. Now it just attempts to hijack
network communication. It also needs to sync with symbol renaming
in libc, and maybe autogenerate the non-schizophrenic wrappers
where the communication is heading to exactly one destination, lest
I'll be a mummmy by the time I finish writing them all. As a fun
example of a non-non-schizophrenic one, consider poll().
Work in progress, but I managed to get two non-rumped netcats
talking to each other or fetching the index from a non-rumped
thttpd. telnet works in one direction (i can read the data from
netcat, but anything i send back is not printed). bozohttpd uses
dup2() which i haven't bothered to address yet, etcetc.
(not hooking this up the build for now)
2011-01-07 22:52:43 +03:00
|
|
|
*/
|
2011-02-07 22:34:39 +03:00
|
|
|
volatile int rumphijack_unrope; /* there, unhang yourself */
|
Begin work on a syscall hijacking library which can be LD_PRELOADed
to convince non-rumped applications to communicate with a rump
kernel instead of the host kernel. The precision of what goes
where is not exactly surgical, but for example when wanting to
debug a web server's TCP/IP stack interaction, it might be enough.
When all you have is a hand grenade, all problems look like a ....
hmm?
There's still plenty to figure out. For example, I'm not sure what
the user interface will be like. Now it just attempts to hijack
network communication. It also needs to sync with symbol renaming
in libc, and maybe autogenerate the non-schizophrenic wrappers
where the communication is heading to exactly one destination, lest
I'll be a mummmy by the time I finish writing them all. As a fun
example of a non-non-schizophrenic one, consider poll().
Work in progress, but I managed to get two non-rumped netcats
talking to each other or fetching the index from a non-rumped
thttpd. telnet works in one direction (i can read the data from
netcat, but anything i send back is not printed). bozohttpd uses
dup2() which i haven't bothered to address yet, etcetc.
(not hooking this up the build for now)
2011-01-07 22:52:43 +03:00
|
|
|
static void *
|
|
|
|
hijackdlsym(void *handle, const char *symbol)
|
|
|
|
{
|
2011-02-07 22:34:39 +03:00
|
|
|
void *rv;
|
|
|
|
|
|
|
|
rv = dlsym(handle, symbol);
|
|
|
|
rumphijack_unrope = *(volatile int *)rv;
|
Begin work on a syscall hijacking library which can be LD_PRELOADed
to convince non-rumped applications to communicate with a rump
kernel instead of the host kernel. The precision of what goes
where is not exactly surgical, but for example when wanting to
debug a web server's TCP/IP stack interaction, it might be enough.
When all you have is a hand grenade, all problems look like a ....
hmm?
There's still plenty to figure out. For example, I'm not sure what
the user interface will be like. Now it just attempts to hijack
network communication. It also needs to sync with symbol renaming
in libc, and maybe autogenerate the non-schizophrenic wrappers
where the communication is heading to exactly one destination, lest
I'll be a mummmy by the time I finish writing them all. As a fun
example of a non-non-schizophrenic one, consider poll().
Work in progress, but I managed to get two non-rumped netcats
talking to each other or fetching the index from a non-rumped
thttpd. telnet works in one direction (i can read the data from
netcat, but anything i send back is not printed). bozohttpd uses
dup2() which i haven't bothered to address yet, etcetc.
(not hooking this up the build for now)
2011-01-07 22:52:43 +03:00
|
|
|
|
2011-02-07 22:34:39 +03:00
|
|
|
return (void *)rv;
|
Begin work on a syscall hijacking library which can be LD_PRELOADed
to convince non-rumped applications to communicate with a rump
kernel instead of the host kernel. The precision of what goes
where is not exactly surgical, but for example when wanting to
debug a web server's TCP/IP stack interaction, it might be enough.
When all you have is a hand grenade, all problems look like a ....
hmm?
There's still plenty to figure out. For example, I'm not sure what
the user interface will be like. Now it just attempts to hijack
network communication. It also needs to sync with symbol renaming
in libc, and maybe autogenerate the non-schizophrenic wrappers
where the communication is heading to exactly one destination, lest
I'll be a mummmy by the time I finish writing them all. As a fun
example of a non-non-schizophrenic one, consider poll().
Work in progress, but I managed to get two non-rumped netcats
talking to each other or fetching the index from a non-rumped
thttpd. telnet works in one direction (i can read the data from
netcat, but anything i send back is not printed). bozohttpd uses
dup2() which i haven't bothered to address yet, etcetc.
(not hooking this up the build for now)
2011-01-07 22:52:43 +03:00
|
|
|
}
|
|
|
|
|
2011-02-17 15:23:58 +03:00
|
|
|
static int pwdinrump = 0;
|
|
|
|
|
2011-01-09 22:56:33 +03:00
|
|
|
/* low calorie sockets? */
|
2011-01-18 22:41:02 +03:00
|
|
|
static bool hostlocalsockets = true;
|
2011-01-09 22:56:33 +03:00
|
|
|
|
Begin work on a syscall hijacking library which can be LD_PRELOADed
to convince non-rumped applications to communicate with a rump
kernel instead of the host kernel. The precision of what goes
where is not exactly surgical, but for example when wanting to
debug a web server's TCP/IP stack interaction, it might be enough.
When all you have is a hand grenade, all problems look like a ....
hmm?
There's still plenty to figure out. For example, I'm not sure what
the user interface will be like. Now it just attempts to hijack
network communication. It also needs to sync with symbol renaming
in libc, and maybe autogenerate the non-schizophrenic wrappers
where the communication is heading to exactly one destination, lest
I'll be a mummmy by the time I finish writing them all. As a fun
example of a non-non-schizophrenic one, consider poll().
Work in progress, but I managed to get two non-rumped netcats
talking to each other or fetching the index from a non-rumped
thttpd. telnet works in one direction (i can read the data from
netcat, but anything i send back is not printed). bozohttpd uses
dup2() which i haven't bothered to address yet, etcetc.
(not hooking this up the build for now)
2011-01-07 22:52:43 +03:00
|
|
|
static void __attribute__((constructor))
|
|
|
|
rcinit(void)
|
|
|
|
{
|
2011-02-06 18:48:20 +03:00
|
|
|
char buf[64];
|
2011-01-27 21:12:19 +03:00
|
|
|
extern void *(*rumpclient_dlsym)(void *, const char *);
|
2011-01-25 15:53:45 +03:00
|
|
|
unsigned i, j;
|
Begin work on a syscall hijacking library which can be LD_PRELOADed
to convince non-rumped applications to communicate with a rump
kernel instead of the host kernel. The precision of what goes
where is not exactly surgical, but for example when wanting to
debug a web server's TCP/IP stack interaction, it might be enough.
When all you have is a hand grenade, all problems look like a ....
hmm?
There's still plenty to figure out. For example, I'm not sure what
the user interface will be like. Now it just attempts to hijack
network communication. It also needs to sync with symbol renaming
in libc, and maybe autogenerate the non-schizophrenic wrappers
where the communication is heading to exactly one destination, lest
I'll be a mummmy by the time I finish writing them all. As a fun
example of a non-non-schizophrenic one, consider poll().
Work in progress, but I managed to get two non-rumped netcats
talking to each other or fetching the index from a non-rumped
thttpd. telnet works in one direction (i can read the data from
netcat, but anything i send back is not printed). bozohttpd uses
dup2() which i haven't bothered to address yet, etcetc.
(not hooking this up the build for now)
2011-01-07 22:52:43 +03:00
|
|
|
|
2011-01-27 21:12:19 +03:00
|
|
|
rumpclient_dlsym = hijackdlsym;
|
2011-01-08 17:19:27 +03:00
|
|
|
host_fork = dlsym(RTLD_NEXT, "fork");
|
2011-02-05 19:57:39 +03:00
|
|
|
host_daemon = dlsym(RTLD_NEXT, "daemon");
|
2011-02-14 17:56:23 +03:00
|
|
|
host_execve = dlsym(RTLD_NEXT, "execve");
|
Begin work on a syscall hijacking library which can be LD_PRELOADed
to convince non-rumped applications to communicate with a rump
kernel instead of the host kernel. The precision of what goes
where is not exactly surgical, but for example when wanting to
debug a web server's TCP/IP stack interaction, it might be enough.
When all you have is a hand grenade, all problems look like a ....
hmm?
There's still plenty to figure out. For example, I'm not sure what
the user interface will be like. Now it just attempts to hijack
network communication. It also needs to sync with symbol renaming
in libc, and maybe autogenerate the non-schizophrenic wrappers
where the communication is heading to exactly one destination, lest
I'll be a mummmy by the time I finish writing them all. As a fun
example of a non-non-schizophrenic one, consider poll().
Work in progress, but I managed to get two non-rumped netcats
talking to each other or fetching the index from a non-rumped
thttpd. telnet works in one direction (i can read the data from
netcat, but anything i send back is not printed). bozohttpd uses
dup2() which i haven't bothered to address yet, etcetc.
(not hooking this up the build for now)
2011-01-07 22:52:43 +03:00
|
|
|
|
2011-01-25 15:18:33 +03:00
|
|
|
/*
|
|
|
|
* In theory cannot print anything during lookups because
|
|
|
|
* we might not have the call vector set up. so, the errx()
|
|
|
|
* is a bit of a strech, but it might work.
|
|
|
|
*/
|
Begin work on a syscall hijacking library which can be LD_PRELOADed
to convince non-rumped applications to communicate with a rump
kernel instead of the host kernel. The precision of what goes
where is not exactly surgical, but for example when wanting to
debug a web server's TCP/IP stack interaction, it might be enough.
When all you have is a hand grenade, all problems look like a ....
hmm?
There's still plenty to figure out. For example, I'm not sure what
the user interface will be like. Now it just attempts to hijack
network communication. It also needs to sync with symbol renaming
in libc, and maybe autogenerate the non-schizophrenic wrappers
where the communication is heading to exactly one destination, lest
I'll be a mummmy by the time I finish writing them all. As a fun
example of a non-non-schizophrenic one, consider poll().
Work in progress, but I managed to get two non-rumped netcats
talking to each other or fetching the index from a non-rumped
thttpd. telnet works in one direction (i can read the data from
netcat, but anything i send back is not printed). bozohttpd uses
dup2() which i haven't bothered to address yet, etcetc.
(not hooking this up the build for now)
2011-01-07 22:52:43 +03:00
|
|
|
|
2011-01-25 15:18:33 +03:00
|
|
|
for (i = 0; i < DUALCALL__NUM; i++) {
|
|
|
|
/* build runtime O(1) access */
|
|
|
|
for (j = 0; j < __arraycount(syscnames); j++) {
|
|
|
|
if (syscnames[j].scm_callnum == i)
|
|
|
|
break;
|
|
|
|
}
|
2011-01-09 13:28:46 +03:00
|
|
|
|
2011-01-25 15:18:33 +03:00
|
|
|
if (j == __arraycount(syscnames))
|
|
|
|
errx(1, "rumphijack error: syscall pos %d missing", i);
|
2011-01-09 13:28:46 +03:00
|
|
|
|
2011-01-27 21:12:19 +03:00
|
|
|
syscalls[i].bs_host = dlsym(RTLD_NEXT,
|
|
|
|
syscnames[j].scm_hostname);
|
2011-01-25 15:18:33 +03:00
|
|
|
if (syscalls[i].bs_host == NULL)
|
|
|
|
errx(1, "hostcall %s not found missing",
|
|
|
|
syscnames[j].scm_hostname);
|
2011-01-09 13:28:46 +03:00
|
|
|
|
2011-01-27 21:12:19 +03:00
|
|
|
syscalls[i].bs_rump = dlsym(RTLD_NEXT,
|
|
|
|
syscnames[j].scm_rumpname);
|
2011-01-25 15:18:33 +03:00
|
|
|
if (syscalls[i].bs_rump == NULL)
|
|
|
|
errx(1, "rumpcall %s not found missing",
|
|
|
|
syscnames[j].scm_rumpname);
|
|
|
|
}
|
2011-01-09 13:28:46 +03:00
|
|
|
|
2011-01-27 21:05:16 +03:00
|
|
|
if (rumpclient_init() == -1)
|
2011-01-25 15:18:33 +03:00
|
|
|
err(1, "rumpclient init");
|
2011-02-06 18:48:20 +03:00
|
|
|
|
|
|
|
/* set client persistence level */
|
2011-02-16 22:26:58 +03:00
|
|
|
if (getenv_r("RUMPHIJACK_RETRYCONNECT", buf, sizeof(buf)) != -1) {
|
2011-02-06 18:48:20 +03:00
|
|
|
if (strcmp(buf, "die") == 0)
|
|
|
|
rumpclient_setconnretry(RUMPCLIENT_RETRYCONN_DIE);
|
|
|
|
else if (strcmp(buf, "inftime") == 0)
|
|
|
|
rumpclient_setconnretry(RUMPCLIENT_RETRYCONN_INFTIME);
|
|
|
|
else if (strcmp(buf, "once") == 0)
|
|
|
|
rumpclient_setconnretry(RUMPCLIENT_RETRYCONN_ONCE);
|
|
|
|
else {
|
|
|
|
time_t timeout;
|
2011-02-16 22:26:58 +03:00
|
|
|
char *ep;
|
2011-02-06 18:48:20 +03:00
|
|
|
|
2011-02-16 22:26:58 +03:00
|
|
|
timeout = (time_t)strtoll(buf, &ep, 10);
|
|
|
|
if (timeout <= 0 || ep != buf + strlen(buf))
|
|
|
|
errx(1, "RUMPHIJACK_RETRYCONNECT must be "
|
|
|
|
"keyword or integer, got: %s", buf);
|
2011-02-06 18:48:20 +03:00
|
|
|
|
|
|
|
rumpclient_setconnretry(timeout);
|
|
|
|
}
|
|
|
|
}
|
2011-02-14 17:56:23 +03:00
|
|
|
|
|
|
|
if (getenv_r("RUMPHIJACK__DUP2MASK", buf, sizeof(buf)) == 0) {
|
2011-02-15 16:59:28 +03:00
|
|
|
dup2mask = strtoul(buf, NULL, 10);
|
2011-02-17 15:23:58 +03:00
|
|
|
unsetenv("RUMPHIJACK__DUP2MASK");
|
|
|
|
}
|
|
|
|
if (getenv_r("RUMPHIJACK__PWDINRUMP", buf, sizeof(buf)) == 0) {
|
|
|
|
pwdinrump = strtoul(buf, NULL, 10);
|
|
|
|
unsetenv("RUMPHIJACK__PWDINRUMP");
|
2011-02-14 17:56:23 +03:00
|
|
|
}
|
2011-01-25 15:18:33 +03:00
|
|
|
}
|
Begin work on a syscall hijacking library which can be LD_PRELOADed
to convince non-rumped applications to communicate with a rump
kernel instead of the host kernel. The precision of what goes
where is not exactly surgical, but for example when wanting to
debug a web server's TCP/IP stack interaction, it might be enough.
When all you have is a hand grenade, all problems look like a ....
hmm?
There's still plenty to figure out. For example, I'm not sure what
the user interface will be like. Now it just attempts to hijack
network communication. It also needs to sync with symbol renaming
in libc, and maybe autogenerate the non-schizophrenic wrappers
where the communication is heading to exactly one destination, lest
I'll be a mummmy by the time I finish writing them all. As a fun
example of a non-non-schizophrenic one, consider poll().
Work in progress, but I managed to get two non-rumped netcats
talking to each other or fetching the index from a non-rumped
thttpd. telnet works in one direction (i can read the data from
netcat, but anything i send back is not printed). bozohttpd uses
dup2() which i haven't bothered to address yet, etcetc.
(not hooking this up the build for now)
2011-01-07 22:52:43 +03:00
|
|
|
|
2011-01-08 17:19:27 +03:00
|
|
|
/* XXX: need runtime selection. low for now due to FD_SETSIZE */
|
|
|
|
#define HIJACK_FDOFF 128
|
|
|
|
static int
|
|
|
|
fd_rump2host(int fd)
|
|
|
|
{
|
|
|
|
|
|
|
|
if (fd == -1)
|
|
|
|
return fd;
|
|
|
|
|
|
|
|
if (!ISDUP2D(fd))
|
|
|
|
fd += HIJACK_FDOFF;
|
|
|
|
|
|
|
|
return fd;
|
|
|
|
}
|
|
|
|
|
|
|
|
static int
|
|
|
|
fd_host2rump(int fd)
|
|
|
|
{
|
|
|
|
|
|
|
|
if (!ISDUP2D(fd))
|
|
|
|
fd -= HIJACK_FDOFF;
|
|
|
|
return fd;
|
|
|
|
}
|
|
|
|
|
|
|
|
static bool
|
|
|
|
fd_isrump(int fd)
|
|
|
|
{
|
|
|
|
|
|
|
|
return ISDUP2D(fd) || fd >= HIJACK_FDOFF;
|
|
|
|
}
|
|
|
|
|
2011-02-15 16:59:28 +03:00
|
|
|
#define assertfd(_fd_) assert(ISDUP2D(_fd_) || (_fd_) >= HIJACK_FDOFF)
|
|
|
|
|
2011-02-17 15:23:58 +03:00
|
|
|
#define RUMPPREFIX "/rump"
|
|
|
|
static int
|
|
|
|
path_isrump(const char *path)
|
|
|
|
{
|
|
|
|
|
|
|
|
if (*path == '/') {
|
|
|
|
if (strncmp(path, RUMPPREFIX, sizeof(RUMPPREFIX)-1) == 0)
|
|
|
|
return 1;
|
|
|
|
return 0;
|
|
|
|
} else {
|
|
|
|
return pwdinrump;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
static const char *rootpath = "/";
|
|
|
|
static const char *
|
|
|
|
path_host2rump(const char *path)
|
|
|
|
{
|
|
|
|
const char *rv;
|
|
|
|
|
|
|
|
if (*path == '/') {
|
|
|
|
rv = path + (sizeof(RUMPPREFIX)-1);
|
|
|
|
if (*rv == '\0')
|
|
|
|
rv = rootpath;
|
|
|
|
} else {
|
|
|
|
rv = path;
|
|
|
|
}
|
|
|
|
|
|
|
|
return rv;
|
|
|
|
}
|
|
|
|
|
2011-02-15 16:59:28 +03:00
|
|
|
static int
|
|
|
|
dodup(int oldd, int minfd)
|
|
|
|
{
|
|
|
|
int (*op_fcntl)(int, int, ...);
|
|
|
|
int newd;
|
|
|
|
int isrump;
|
|
|
|
|
|
|
|
DPRINTF(("dup -> %d (minfd %d)\n", oldd, minfd));
|
|
|
|
if (fd_isrump(oldd)) {
|
|
|
|
op_fcntl = GETSYSCALL(rump, FCNTL);
|
|
|
|
oldd = fd_host2rump(oldd);
|
|
|
|
isrump = 1;
|
|
|
|
} else {
|
|
|
|
op_fcntl = GETSYSCALL(host, FCNTL);
|
|
|
|
isrump = 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
newd = op_fcntl(oldd, F_DUPFD, minfd);
|
|
|
|
|
|
|
|
if (isrump)
|
|
|
|
newd = fd_rump2host(newd);
|
|
|
|
DPRINTF(("dup <- %d\n", newd));
|
|
|
|
|
|
|
|
return newd;
|
|
|
|
}
|
2011-01-08 17:19:27 +03:00
|
|
|
|
2011-02-17 15:23:58 +03:00
|
|
|
int
|
|
|
|
open(const char *path, int flags, ...)
|
|
|
|
{
|
|
|
|
int (*op_open)(const char *, int, ...);
|
|
|
|
bool isrump;
|
|
|
|
va_list ap;
|
|
|
|
int fd;
|
|
|
|
|
|
|
|
if (path_isrump(path)) {
|
|
|
|
path = path_host2rump(path);
|
|
|
|
op_open = GETSYSCALL(rump, OPEN);
|
|
|
|
isrump = true;
|
|
|
|
} else {
|
|
|
|
op_open = GETSYSCALL(host, OPEN);
|
|
|
|
isrump = false;
|
|
|
|
}
|
|
|
|
|
|
|
|
va_start(ap, flags);
|
|
|
|
fd = op_open(path, flags, va_arg(ap, mode_t));
|
|
|
|
va_end(ap);
|
|
|
|
|
|
|
|
if (isrump)
|
|
|
|
fd = fd_rump2host(fd);
|
|
|
|
return fd;
|
|
|
|
}
|
|
|
|
|
|
|
|
int
|
|
|
|
chdir(const char *path)
|
|
|
|
{
|
|
|
|
int (*op_chdir)(const char *);
|
|
|
|
bool isrump;
|
|
|
|
int rv;
|
|
|
|
|
|
|
|
if (path_isrump(path)) {
|
|
|
|
op_chdir = GETSYSCALL(rump, CHDIR);
|
|
|
|
isrump = true;
|
|
|
|
path = path_host2rump(path);
|
|
|
|
} else {
|
|
|
|
op_chdir = GETSYSCALL(host, CHDIR);
|
|
|
|
isrump = false;
|
|
|
|
}
|
|
|
|
|
|
|
|
rv = op_chdir(path);
|
|
|
|
if (rv == 0) {
|
|
|
|
if (isrump)
|
|
|
|
pwdinrump = true;
|
|
|
|
else
|
|
|
|
pwdinrump = false;
|
|
|
|
}
|
|
|
|
|
|
|
|
return rv;
|
|
|
|
}
|
|
|
|
|
|
|
|
int
|
|
|
|
fchdir(int fd)
|
|
|
|
{
|
|
|
|
int (*op_fchdir)(int);
|
|
|
|
bool isrump;
|
|
|
|
int rv;
|
|
|
|
|
|
|
|
if (fd_isrump(fd)) {
|
|
|
|
op_fchdir = GETSYSCALL(rump, FCHDIR);
|
|
|
|
isrump = true;
|
|
|
|
fd = fd_host2rump(fd);
|
|
|
|
} else {
|
|
|
|
op_fchdir = GETSYSCALL(host, FCHDIR);
|
|
|
|
isrump = false;
|
|
|
|
}
|
|
|
|
|
|
|
|
rv = op_fchdir(fd);
|
|
|
|
if (rv == 0) {
|
|
|
|
if (isrump)
|
|
|
|
pwdinrump = true;
|
|
|
|
else
|
|
|
|
pwdinrump = false;
|
|
|
|
}
|
|
|
|
|
|
|
|
return rv;
|
|
|
|
}
|
|
|
|
|
Begin work on a syscall hijacking library which can be LD_PRELOADed
to convince non-rumped applications to communicate with a rump
kernel instead of the host kernel. The precision of what goes
where is not exactly surgical, but for example when wanting to
debug a web server's TCP/IP stack interaction, it might be enough.
When all you have is a hand grenade, all problems look like a ....
hmm?
There's still plenty to figure out. For example, I'm not sure what
the user interface will be like. Now it just attempts to hijack
network communication. It also needs to sync with symbol renaming
in libc, and maybe autogenerate the non-schizophrenic wrappers
where the communication is heading to exactly one destination, lest
I'll be a mummmy by the time I finish writing them all. As a fun
example of a non-non-schizophrenic one, consider poll().
Work in progress, but I managed to get two non-rumped netcats
talking to each other or fetching the index from a non-rumped
thttpd. telnet works in one direction (i can read the data from
netcat, but anything i send back is not printed). bozohttpd uses
dup2() which i haven't bothered to address yet, etcetc.
(not hooking this up the build for now)
2011-01-07 22:52:43 +03:00
|
|
|
int __socket30(int, int, int);
|
|
|
|
int
|
|
|
|
__socket30(int domain, int type, int protocol)
|
|
|
|
{
|
2011-01-25 15:18:33 +03:00
|
|
|
int (*op_socket)(int, int, int);
|
Begin work on a syscall hijacking library which can be LD_PRELOADed
to convince non-rumped applications to communicate with a rump
kernel instead of the host kernel. The precision of what goes
where is not exactly surgical, but for example when wanting to
debug a web server's TCP/IP stack interaction, it might be enough.
When all you have is a hand grenade, all problems look like a ....
hmm?
There's still plenty to figure out. For example, I'm not sure what
the user interface will be like. Now it just attempts to hijack
network communication. It also needs to sync with symbol renaming
in libc, and maybe autogenerate the non-schizophrenic wrappers
where the communication is heading to exactly one destination, lest
I'll be a mummmy by the time I finish writing them all. As a fun
example of a non-non-schizophrenic one, consider poll().
Work in progress, but I managed to get two non-rumped netcats
talking to each other or fetching the index from a non-rumped
thttpd. telnet works in one direction (i can read the data from
netcat, but anything i send back is not printed). bozohttpd uses
dup2() which i haven't bothered to address yet, etcetc.
(not hooking this up the build for now)
2011-01-07 22:52:43 +03:00
|
|
|
int fd;
|
2011-01-09 22:56:33 +03:00
|
|
|
bool dohost;
|
|
|
|
|
|
|
|
dohost = hostlocalsockets && (domain == AF_LOCAL);
|
Begin work on a syscall hijacking library which can be LD_PRELOADed
to convince non-rumped applications to communicate with a rump
kernel instead of the host kernel. The precision of what goes
where is not exactly surgical, but for example when wanting to
debug a web server's TCP/IP stack interaction, it might be enough.
When all you have is a hand grenade, all problems look like a ....
hmm?
There's still plenty to figure out. For example, I'm not sure what
the user interface will be like. Now it just attempts to hijack
network communication. It also needs to sync with symbol renaming
in libc, and maybe autogenerate the non-schizophrenic wrappers
where the communication is heading to exactly one destination, lest
I'll be a mummmy by the time I finish writing them all. As a fun
example of a non-non-schizophrenic one, consider poll().
Work in progress, but I managed to get two non-rumped netcats
talking to each other or fetching the index from a non-rumped
thttpd. telnet works in one direction (i can read the data from
netcat, but anything i send back is not printed). bozohttpd uses
dup2() which i haven't bothered to address yet, etcetc.
(not hooking this up the build for now)
2011-01-07 22:52:43 +03:00
|
|
|
|
2011-01-09 22:56:33 +03:00
|
|
|
if (dohost)
|
2011-01-25 15:18:33 +03:00
|
|
|
op_socket = GETSYSCALL(host, SOCKET);
|
2011-01-09 22:56:33 +03:00
|
|
|
else
|
2011-01-25 15:18:33 +03:00
|
|
|
op_socket = GETSYSCALL(rump, SOCKET);
|
|
|
|
fd = op_socket(domain, type, protocol);
|
2011-01-08 17:19:27 +03:00
|
|
|
|
2011-01-09 22:56:33 +03:00
|
|
|
if (!dohost)
|
|
|
|
fd = fd_rump2host(fd);
|
|
|
|
DPRINTF(("socket <- %d\n", fd));
|
2011-01-08 17:19:27 +03:00
|
|
|
|
2011-01-09 22:56:33 +03:00
|
|
|
return fd;
|
Begin work on a syscall hijacking library which can be LD_PRELOADed
to convince non-rumped applications to communicate with a rump
kernel instead of the host kernel. The precision of what goes
where is not exactly surgical, but for example when wanting to
debug a web server's TCP/IP stack interaction, it might be enough.
When all you have is a hand grenade, all problems look like a ....
hmm?
There's still plenty to figure out. For example, I'm not sure what
the user interface will be like. Now it just attempts to hijack
network communication. It also needs to sync with symbol renaming
in libc, and maybe autogenerate the non-schizophrenic wrappers
where the communication is heading to exactly one destination, lest
I'll be a mummmy by the time I finish writing them all. As a fun
example of a non-non-schizophrenic one, consider poll().
Work in progress, but I managed to get two non-rumped netcats
talking to each other or fetching the index from a non-rumped
thttpd. telnet works in one direction (i can read the data from
netcat, but anything i send back is not printed). bozohttpd uses
dup2() which i haven't bothered to address yet, etcetc.
(not hooking this up the build for now)
2011-01-07 22:52:43 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
int
|
|
|
|
accept(int s, struct sockaddr *addr, socklen_t *addrlen)
|
|
|
|
{
|
2011-01-25 15:18:33 +03:00
|
|
|
int (*op_accept)(int, struct sockaddr *, socklen_t *);
|
Begin work on a syscall hijacking library which can be LD_PRELOADed
to convince non-rumped applications to communicate with a rump
kernel instead of the host kernel. The precision of what goes
where is not exactly surgical, but for example when wanting to
debug a web server's TCP/IP stack interaction, it might be enough.
When all you have is a hand grenade, all problems look like a ....
hmm?
There's still plenty to figure out. For example, I'm not sure what
the user interface will be like. Now it just attempts to hijack
network communication. It also needs to sync with symbol renaming
in libc, and maybe autogenerate the non-schizophrenic wrappers
where the communication is heading to exactly one destination, lest
I'll be a mummmy by the time I finish writing them all. As a fun
example of a non-non-schizophrenic one, consider poll().
Work in progress, but I managed to get two non-rumped netcats
talking to each other or fetching the index from a non-rumped
thttpd. telnet works in one direction (i can read the data from
netcat, but anything i send back is not printed). bozohttpd uses
dup2() which i haven't bothered to address yet, etcetc.
(not hooking this up the build for now)
2011-01-07 22:52:43 +03:00
|
|
|
int fd;
|
2011-01-09 22:56:33 +03:00
|
|
|
bool isrump;
|
|
|
|
|
|
|
|
isrump = fd_isrump(s);
|
Begin work on a syscall hijacking library which can be LD_PRELOADed
to convince non-rumped applications to communicate with a rump
kernel instead of the host kernel. The precision of what goes
where is not exactly surgical, but for example when wanting to
debug a web server's TCP/IP stack interaction, it might be enough.
When all you have is a hand grenade, all problems look like a ....
hmm?
There's still plenty to figure out. For example, I'm not sure what
the user interface will be like. Now it just attempts to hijack
network communication. It also needs to sync with symbol renaming
in libc, and maybe autogenerate the non-schizophrenic wrappers
where the communication is heading to exactly one destination, lest
I'll be a mummmy by the time I finish writing them all. As a fun
example of a non-non-schizophrenic one, consider poll().
Work in progress, but I managed to get two non-rumped netcats
talking to each other or fetching the index from a non-rumped
thttpd. telnet works in one direction (i can read the data from
netcat, but anything i send back is not printed). bozohttpd uses
dup2() which i haven't bothered to address yet, etcetc.
(not hooking this up the build for now)
2011-01-07 22:52:43 +03:00
|
|
|
|
2011-01-08 17:19:27 +03:00
|
|
|
DPRINTF(("accept -> %d", s));
|
2011-01-09 22:56:33 +03:00
|
|
|
if (isrump) {
|
2011-01-25 15:18:33 +03:00
|
|
|
op_accept = GETSYSCALL(rump, ACCEPT);
|
2011-01-09 22:56:33 +03:00
|
|
|
s = fd_host2rump(s);
|
|
|
|
} else {
|
2011-01-25 15:18:33 +03:00
|
|
|
op_accept = GETSYSCALL(host, ACCEPT);
|
2011-01-09 22:56:33 +03:00
|
|
|
}
|
2011-01-25 15:18:33 +03:00
|
|
|
fd = op_accept(s, addr, addrlen);
|
2011-01-09 22:56:33 +03:00
|
|
|
if (fd != -1 && isrump)
|
|
|
|
fd = fd_rump2host(fd);
|
|
|
|
|
|
|
|
DPRINTF((" <- %d\n", fd));
|
2011-01-08 17:19:27 +03:00
|
|
|
|
2011-01-09 22:56:33 +03:00
|
|
|
return fd;
|
Begin work on a syscall hijacking library which can be LD_PRELOADed
to convince non-rumped applications to communicate with a rump
kernel instead of the host kernel. The precision of what goes
where is not exactly surgical, but for example when wanting to
debug a web server's TCP/IP stack interaction, it might be enough.
When all you have is a hand grenade, all problems look like a ....
hmm?
There's still plenty to figure out. For example, I'm not sure what
the user interface will be like. Now it just attempts to hijack
network communication. It also needs to sync with symbol renaming
in libc, and maybe autogenerate the non-schizophrenic wrappers
where the communication is heading to exactly one destination, lest
I'll be a mummmy by the time I finish writing them all. As a fun
example of a non-non-schizophrenic one, consider poll().
Work in progress, but I managed to get two non-rumped netcats
talking to each other or fetching the index from a non-rumped
thttpd. telnet works in one direction (i can read the data from
netcat, but anything i send back is not printed). bozohttpd uses
dup2() which i haven't bothered to address yet, etcetc.
(not hooking this up the build for now)
2011-01-07 22:52:43 +03:00
|
|
|
}
|
|
|
|
|
2011-01-25 15:18:33 +03:00
|
|
|
/*
|
|
|
|
* ioctl and fcntl are varargs calls and need special treatment
|
|
|
|
*/
|
Begin work on a syscall hijacking library which can be LD_PRELOADed
to convince non-rumped applications to communicate with a rump
kernel instead of the host kernel. The precision of what goes
where is not exactly surgical, but for example when wanting to
debug a web server's TCP/IP stack interaction, it might be enough.
When all you have is a hand grenade, all problems look like a ....
hmm?
There's still plenty to figure out. For example, I'm not sure what
the user interface will be like. Now it just attempts to hijack
network communication. It also needs to sync with symbol renaming
in libc, and maybe autogenerate the non-schizophrenic wrappers
where the communication is heading to exactly one destination, lest
I'll be a mummmy by the time I finish writing them all. As a fun
example of a non-non-schizophrenic one, consider poll().
Work in progress, but I managed to get two non-rumped netcats
talking to each other or fetching the index from a non-rumped
thttpd. telnet works in one direction (i can read the data from
netcat, but anything i send back is not printed). bozohttpd uses
dup2() which i haven't bothered to address yet, etcetc.
(not hooking this up the build for now)
2011-01-07 22:52:43 +03:00
|
|
|
int
|
2011-01-25 15:18:33 +03:00
|
|
|
ioctl(int fd, unsigned long cmd, ...)
|
Begin work on a syscall hijacking library which can be LD_PRELOADed
to convince non-rumped applications to communicate with a rump
kernel instead of the host kernel. The precision of what goes
where is not exactly surgical, but for example when wanting to
debug a web server's TCP/IP stack interaction, it might be enough.
When all you have is a hand grenade, all problems look like a ....
hmm?
There's still plenty to figure out. For example, I'm not sure what
the user interface will be like. Now it just attempts to hijack
network communication. It also needs to sync with symbol renaming
in libc, and maybe autogenerate the non-schizophrenic wrappers
where the communication is heading to exactly one destination, lest
I'll be a mummmy by the time I finish writing them all. As a fun
example of a non-non-schizophrenic one, consider poll().
Work in progress, but I managed to get two non-rumped netcats
talking to each other or fetching the index from a non-rumped
thttpd. telnet works in one direction (i can read the data from
netcat, but anything i send back is not printed). bozohttpd uses
dup2() which i haven't bothered to address yet, etcetc.
(not hooking this up the build for now)
2011-01-07 22:52:43 +03:00
|
|
|
{
|
2011-01-25 15:18:33 +03:00
|
|
|
int (*op_ioctl)(int, unsigned long cmd, ...);
|
|
|
|
va_list ap;
|
|
|
|
int rv;
|
Begin work on a syscall hijacking library which can be LD_PRELOADed
to convince non-rumped applications to communicate with a rump
kernel instead of the host kernel. The precision of what goes
where is not exactly surgical, but for example when wanting to
debug a web server's TCP/IP stack interaction, it might be enough.
When all you have is a hand grenade, all problems look like a ....
hmm?
There's still plenty to figure out. For example, I'm not sure what
the user interface will be like. Now it just attempts to hijack
network communication. It also needs to sync with symbol renaming
in libc, and maybe autogenerate the non-schizophrenic wrappers
where the communication is heading to exactly one destination, lest
I'll be a mummmy by the time I finish writing them all. As a fun
example of a non-non-schizophrenic one, consider poll().
Work in progress, but I managed to get two non-rumped netcats
talking to each other or fetching the index from a non-rumped
thttpd. telnet works in one direction (i can read the data from
netcat, but anything i send back is not printed). bozohttpd uses
dup2() which i haven't bothered to address yet, etcetc.
(not hooking this up the build for now)
2011-01-07 22:52:43 +03:00
|
|
|
|
2011-01-25 15:18:33 +03:00
|
|
|
DPRINTF(("ioctl -> %d\n", fd));
|
|
|
|
if (fd_isrump(fd)) {
|
|
|
|
fd = fd_host2rump(fd);
|
|
|
|
op_ioctl = GETSYSCALL(rump, IOCTL);
|
2011-01-09 22:56:33 +03:00
|
|
|
} else {
|
2011-01-25 15:18:33 +03:00
|
|
|
op_ioctl = GETSYSCALL(host, IOCTL);
|
2011-01-09 22:56:33 +03:00
|
|
|
}
|
Begin work on a syscall hijacking library which can be LD_PRELOADed
to convince non-rumped applications to communicate with a rump
kernel instead of the host kernel. The precision of what goes
where is not exactly surgical, but for example when wanting to
debug a web server's TCP/IP stack interaction, it might be enough.
When all you have is a hand grenade, all problems look like a ....
hmm?
There's still plenty to figure out. For example, I'm not sure what
the user interface will be like. Now it just attempts to hijack
network communication. It also needs to sync with symbol renaming
in libc, and maybe autogenerate the non-schizophrenic wrappers
where the communication is heading to exactly one destination, lest
I'll be a mummmy by the time I finish writing them all. As a fun
example of a non-non-schizophrenic one, consider poll().
Work in progress, but I managed to get two non-rumped netcats
talking to each other or fetching the index from a non-rumped
thttpd. telnet works in one direction (i can read the data from
netcat, but anything i send back is not printed). bozohttpd uses
dup2() which i haven't bothered to address yet, etcetc.
(not hooking this up the build for now)
2011-01-07 22:52:43 +03:00
|
|
|
|
2011-01-25 15:18:33 +03:00
|
|
|
va_start(ap, cmd);
|
|
|
|
rv = op_ioctl(fd, cmd, va_arg(ap, void *));
|
|
|
|
va_end(ap);
|
|
|
|
return rv;
|
Begin work on a syscall hijacking library which can be LD_PRELOADed
to convince non-rumped applications to communicate with a rump
kernel instead of the host kernel. The precision of what goes
where is not exactly surgical, but for example when wanting to
debug a web server's TCP/IP stack interaction, it might be enough.
When all you have is a hand grenade, all problems look like a ....
hmm?
There's still plenty to figure out. For example, I'm not sure what
the user interface will be like. Now it just attempts to hijack
network communication. It also needs to sync with symbol renaming
in libc, and maybe autogenerate the non-schizophrenic wrappers
where the communication is heading to exactly one destination, lest
I'll be a mummmy by the time I finish writing them all. As a fun
example of a non-non-schizophrenic one, consider poll().
Work in progress, but I managed to get two non-rumped netcats
talking to each other or fetching the index from a non-rumped
thttpd. telnet works in one direction (i can read the data from
netcat, but anything i send back is not printed). bozohttpd uses
dup2() which i haven't bothered to address yet, etcetc.
(not hooking this up the build for now)
2011-01-07 22:52:43 +03:00
|
|
|
}
|
|
|
|
|
2011-02-15 16:59:28 +03:00
|
|
|
#include <syslog.h>
|
Begin work on a syscall hijacking library which can be LD_PRELOADed
to convince non-rumped applications to communicate with a rump
kernel instead of the host kernel. The precision of what goes
where is not exactly surgical, but for example when wanting to
debug a web server's TCP/IP stack interaction, it might be enough.
When all you have is a hand grenade, all problems look like a ....
hmm?
There's still plenty to figure out. For example, I'm not sure what
the user interface will be like. Now it just attempts to hijack
network communication. It also needs to sync with symbol renaming
in libc, and maybe autogenerate the non-schizophrenic wrappers
where the communication is heading to exactly one destination, lest
I'll be a mummmy by the time I finish writing them all. As a fun
example of a non-non-schizophrenic one, consider poll().
Work in progress, but I managed to get two non-rumped netcats
talking to each other or fetching the index from a non-rumped
thttpd. telnet works in one direction (i can read the data from
netcat, but anything i send back is not printed). bozohttpd uses
dup2() which i haven't bothered to address yet, etcetc.
(not hooking this up the build for now)
2011-01-07 22:52:43 +03:00
|
|
|
int
|
2011-01-25 15:18:33 +03:00
|
|
|
fcntl(int fd, int cmd, ...)
|
Begin work on a syscall hijacking library which can be LD_PRELOADed
to convince non-rumped applications to communicate with a rump
kernel instead of the host kernel. The precision of what goes
where is not exactly surgical, but for example when wanting to
debug a web server's TCP/IP stack interaction, it might be enough.
When all you have is a hand grenade, all problems look like a ....
hmm?
There's still plenty to figure out. For example, I'm not sure what
the user interface will be like. Now it just attempts to hijack
network communication. It also needs to sync with symbol renaming
in libc, and maybe autogenerate the non-schizophrenic wrappers
where the communication is heading to exactly one destination, lest
I'll be a mummmy by the time I finish writing them all. As a fun
example of a non-non-schizophrenic one, consider poll().
Work in progress, but I managed to get two non-rumped netcats
talking to each other or fetching the index from a non-rumped
thttpd. telnet works in one direction (i can read the data from
netcat, but anything i send back is not printed). bozohttpd uses
dup2() which i haven't bothered to address yet, etcetc.
(not hooking this up the build for now)
2011-01-07 22:52:43 +03:00
|
|
|
{
|
2011-01-25 15:18:33 +03:00
|
|
|
int (*op_fcntl)(int, int, ...);
|
|
|
|
va_list ap;
|
2011-02-15 16:59:28 +03:00
|
|
|
int rv, minfd, i;
|
Begin work on a syscall hijacking library which can be LD_PRELOADed
to convince non-rumped applications to communicate with a rump
kernel instead of the host kernel. The precision of what goes
where is not exactly surgical, but for example when wanting to
debug a web server's TCP/IP stack interaction, it might be enough.
When all you have is a hand grenade, all problems look like a ....
hmm?
There's still plenty to figure out. For example, I'm not sure what
the user interface will be like. Now it just attempts to hijack
network communication. It also needs to sync with symbol renaming
in libc, and maybe autogenerate the non-schizophrenic wrappers
where the communication is heading to exactly one destination, lest
I'll be a mummmy by the time I finish writing them all. As a fun
example of a non-non-schizophrenic one, consider poll().
Work in progress, but I managed to get two non-rumped netcats
talking to each other or fetching the index from a non-rumped
thttpd. telnet works in one direction (i can read the data from
netcat, but anything i send back is not printed). bozohttpd uses
dup2() which i haven't bothered to address yet, etcetc.
(not hooking this up the build for now)
2011-01-07 22:52:43 +03:00
|
|
|
|
2011-02-15 16:59:28 +03:00
|
|
|
DPRINTF(("fcntl -> %d (cmd %d)\n", fd, cmd));
|
|
|
|
|
|
|
|
switch (cmd) {
|
|
|
|
case F_DUPFD:
|
|
|
|
va_start(ap, cmd);
|
|
|
|
minfd = va_arg(ap, int);
|
|
|
|
va_end(ap);
|
|
|
|
return dodup(fd, minfd);
|
|
|
|
|
|
|
|
case F_CLOSEM:
|
|
|
|
/*
|
|
|
|
* So, if fd < HIJACKOFF, we want to do a host closem.
|
|
|
|
*/
|
|
|
|
|
|
|
|
if (fd < HIJACK_FDOFF) {
|
|
|
|
int closemfd = fd;
|
|
|
|
|
|
|
|
if (rumpclient__closenotify(&closemfd,
|
2011-02-14 17:56:23 +03:00
|
|
|
RUMPCLIENT_CLOSE_FCLOSEM) == -1)
|
|
|
|
return -1;
|
2011-02-15 16:59:28 +03:00
|
|
|
op_fcntl = GETSYSCALL(host, FCNTL);
|
|
|
|
rv = op_fcntl(closemfd, cmd);
|
|
|
|
if (rv)
|
|
|
|
return rv;
|
|
|
|
}
|
2011-01-19 14:27:01 +03:00
|
|
|
|
2011-02-15 16:59:28 +03:00
|
|
|
/*
|
|
|
|
* Additionally, we want to do a rump closem, but only
|
|
|
|
* for the file descriptors not within the dup2mask.
|
|
|
|
*/
|
|
|
|
|
|
|
|
/* why don't we offer fls()? */
|
|
|
|
for (i = 31; i >= 0; i--) {
|
|
|
|
if (dup2mask & 1<<i)
|
|
|
|
break;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (fd >= HIJACK_FDOFF)
|
|
|
|
fd -= HIJACK_FDOFF;
|
|
|
|
else
|
|
|
|
fd = 0;
|
|
|
|
fd = MAX(i+1, fd);
|
|
|
|
|
|
|
|
/* hmm, maybe we should close rump fd's not within dup2mask? */
|
|
|
|
|
|
|
|
return rump_sys_fcntl(fd, F_CLOSEM);
|
|
|
|
|
|
|
|
case F_MAXFD:
|
|
|
|
/*
|
|
|
|
* For maxfd, if there's a rump kernel fd, return
|
|
|
|
* it hostified. Otherwise, return host's MAXFD
|
|
|
|
* return value.
|
|
|
|
*/
|
|
|
|
if ((rv = rump_sys_fcntl(fd, F_MAXFD)) != -1) {
|
|
|
|
/*
|
|
|
|
* This might go a little wrong in case
|
|
|
|
* of dup2 to [012], but I'm not sure if
|
|
|
|
* there's a justification for tracking
|
|
|
|
* that info. Consider e.g.
|
|
|
|
* dup2(rumpfd, 2) followed by rump_sys_open()
|
|
|
|
* returning 1. We should return 1+HIJACKOFF,
|
|
|
|
* not 2+HIJACKOFF. However, if [01] is not
|
|
|
|
* open, the correct return value is 2.
|
|
|
|
*/
|
|
|
|
return fd_rump2host(fd);
|
|
|
|
} else {
|
|
|
|
op_fcntl = GETSYSCALL(host, FCNTL);
|
|
|
|
return op_fcntl(fd, F_MAXFD);
|
|
|
|
}
|
|
|
|
/*NOTREACHED*/
|
|
|
|
|
|
|
|
default:
|
|
|
|
if (fd_isrump(fd)) {
|
|
|
|
fd = fd_host2rump(fd);
|
|
|
|
op_fcntl = GETSYSCALL(rump, FCNTL);
|
|
|
|
} else {
|
|
|
|
op_fcntl = GETSYSCALL(host, FCNTL);
|
|
|
|
}
|
|
|
|
|
|
|
|
va_start(ap, cmd);
|
|
|
|
rv = op_fcntl(fd, cmd, va_arg(ap, void *));
|
|
|
|
va_end(ap);
|
|
|
|
return rv;
|
|
|
|
}
|
|
|
|
/*NOTREACHED*/
|
Begin work on a syscall hijacking library which can be LD_PRELOADed
to convince non-rumped applications to communicate with a rump
kernel instead of the host kernel. The precision of what goes
where is not exactly surgical, but for example when wanting to
debug a web server's TCP/IP stack interaction, it might be enough.
When all you have is a hand grenade, all problems look like a ....
hmm?
There's still plenty to figure out. For example, I'm not sure what
the user interface will be like. Now it just attempts to hijack
network communication. It also needs to sync with symbol renaming
in libc, and maybe autogenerate the non-schizophrenic wrappers
where the communication is heading to exactly one destination, lest
I'll be a mummmy by the time I finish writing them all. As a fun
example of a non-non-schizophrenic one, consider poll().
Work in progress, but I managed to get two non-rumped netcats
talking to each other or fetching the index from a non-rumped
thttpd. telnet works in one direction (i can read the data from
netcat, but anything i send back is not printed). bozohttpd uses
dup2() which i haven't bothered to address yet, etcetc.
(not hooking this up the build for now)
2011-01-07 22:52:43 +03:00
|
|
|
}
|
|
|
|
|
2011-02-14 17:56:23 +03:00
|
|
|
int
|
|
|
|
close(int fd)
|
|
|
|
{
|
|
|
|
int (*op_close)(int);
|
|
|
|
int rv;
|
|
|
|
|
|
|
|
DPRINTF(("close -> %d\n", fd));
|
|
|
|
if (fd_isrump(fd)) {
|
|
|
|
int undup2 = 0;
|
|
|
|
|
|
|
|
if (ISDUP2D(fd))
|
|
|
|
undup2 = 1;
|
|
|
|
fd = fd_host2rump(fd);
|
|
|
|
op_close = GETSYSCALL(rump, CLOSE);
|
|
|
|
rv = op_close(fd);
|
|
|
|
if (rv == 0 && undup2)
|
2011-02-15 16:59:28 +03:00
|
|
|
CLRDUP2(fd);
|
2011-02-14 17:56:23 +03:00
|
|
|
} else {
|
|
|
|
if (rumpclient__closenotify(&fd, RUMPCLIENT_CLOSE_CLOSE) == -1)
|
|
|
|
return -1;
|
|
|
|
op_close = GETSYSCALL(host, CLOSE);
|
|
|
|
rv = op_close(fd);
|
|
|
|
}
|
|
|
|
|
|
|
|
return rv;
|
|
|
|
}
|
|
|
|
|
2011-01-25 15:18:33 +03:00
|
|
|
/*
|
|
|
|
* write cannot issue a standard debug printf due to recursion
|
|
|
|
*/
|
Begin work on a syscall hijacking library which can be LD_PRELOADed
to convince non-rumped applications to communicate with a rump
kernel instead of the host kernel. The precision of what goes
where is not exactly surgical, but for example when wanting to
debug a web server's TCP/IP stack interaction, it might be enough.
When all you have is a hand grenade, all problems look like a ....
hmm?
There's still plenty to figure out. For example, I'm not sure what
the user interface will be like. Now it just attempts to hijack
network communication. It also needs to sync with symbol renaming
in libc, and maybe autogenerate the non-schizophrenic wrappers
where the communication is heading to exactly one destination, lest
I'll be a mummmy by the time I finish writing them all. As a fun
example of a non-non-schizophrenic one, consider poll().
Work in progress, but I managed to get two non-rumped netcats
talking to each other or fetching the index from a non-rumped
thttpd. telnet works in one direction (i can read the data from
netcat, but anything i send back is not printed). bozohttpd uses
dup2() which i haven't bothered to address yet, etcetc.
(not hooking this up the build for now)
2011-01-07 22:52:43 +03:00
|
|
|
ssize_t
|
2011-01-25 15:18:33 +03:00
|
|
|
write(int fd, const void *buf, size_t blen)
|
Begin work on a syscall hijacking library which can be LD_PRELOADed
to convince non-rumped applications to communicate with a rump
kernel instead of the host kernel. The precision of what goes
where is not exactly surgical, but for example when wanting to
debug a web server's TCP/IP stack interaction, it might be enough.
When all you have is a hand grenade, all problems look like a ....
hmm?
There's still plenty to figure out. For example, I'm not sure what
the user interface will be like. Now it just attempts to hijack
network communication. It also needs to sync with symbol renaming
in libc, and maybe autogenerate the non-schizophrenic wrappers
where the communication is heading to exactly one destination, lest
I'll be a mummmy by the time I finish writing them all. As a fun
example of a non-non-schizophrenic one, consider poll().
Work in progress, but I managed to get two non-rumped netcats
talking to each other or fetching the index from a non-rumped
thttpd. telnet works in one direction (i can read the data from
netcat, but anything i send back is not printed). bozohttpd uses
dup2() which i haven't bothered to address yet, etcetc.
(not hooking this up the build for now)
2011-01-07 22:52:43 +03:00
|
|
|
{
|
2011-01-25 15:18:33 +03:00
|
|
|
ssize_t (*op_write)(int, const void *, size_t);
|
Begin work on a syscall hijacking library which can be LD_PRELOADed
to convince non-rumped applications to communicate with a rump
kernel instead of the host kernel. The precision of what goes
where is not exactly surgical, but for example when wanting to
debug a web server's TCP/IP stack interaction, it might be enough.
When all you have is a hand grenade, all problems look like a ....
hmm?
There's still plenty to figure out. For example, I'm not sure what
the user interface will be like. Now it just attempts to hijack
network communication. It also needs to sync with symbol renaming
in libc, and maybe autogenerate the non-schizophrenic wrappers
where the communication is heading to exactly one destination, lest
I'll be a mummmy by the time I finish writing them all. As a fun
example of a non-non-schizophrenic one, consider poll().
Work in progress, but I managed to get two non-rumped netcats
talking to each other or fetching the index from a non-rumped
thttpd. telnet works in one direction (i can read the data from
netcat, but anything i send back is not printed). bozohttpd uses
dup2() which i haven't bothered to address yet, etcetc.
(not hooking this up the build for now)
2011-01-07 22:52:43 +03:00
|
|
|
|
2011-01-25 15:18:33 +03:00
|
|
|
if (fd_isrump(fd)) {
|
|
|
|
fd = fd_host2rump(fd);
|
|
|
|
op_write = GETSYSCALL(rump, WRITE);
|
2011-01-09 22:56:33 +03:00
|
|
|
} else {
|
2011-01-25 15:18:33 +03:00
|
|
|
op_write = GETSYSCALL(host, WRITE);
|
2011-01-09 22:56:33 +03:00
|
|
|
}
|
Begin work on a syscall hijacking library which can be LD_PRELOADed
to convince non-rumped applications to communicate with a rump
kernel instead of the host kernel. The precision of what goes
where is not exactly surgical, but for example when wanting to
debug a web server's TCP/IP stack interaction, it might be enough.
When all you have is a hand grenade, all problems look like a ....
hmm?
There's still plenty to figure out. For example, I'm not sure what
the user interface will be like. Now it just attempts to hijack
network communication. It also needs to sync with symbol renaming
in libc, and maybe autogenerate the non-schizophrenic wrappers
where the communication is heading to exactly one destination, lest
I'll be a mummmy by the time I finish writing them all. As a fun
example of a non-non-schizophrenic one, consider poll().
Work in progress, but I managed to get two non-rumped netcats
talking to each other or fetching the index from a non-rumped
thttpd. telnet works in one direction (i can read the data from
netcat, but anything i send back is not printed). bozohttpd uses
dup2() which i haven't bothered to address yet, etcetc.
(not hooking this up the build for now)
2011-01-07 22:52:43 +03:00
|
|
|
|
2011-01-25 15:18:33 +03:00
|
|
|
return op_write(fd, buf, blen);
|
2011-01-08 17:19:27 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* dup2 is special. we allow dup2 of a rump kernel fd to 0-2 since
|
|
|
|
* many programs do that. dup2 of a rump kernel fd to another value
|
|
|
|
* not >= fdoff is an error.
|
|
|
|
*
|
|
|
|
* Note: cannot rump2host newd, because it is often hardcoded.
|
|
|
|
*/
|
|
|
|
int
|
|
|
|
dup2(int oldd, int newd)
|
|
|
|
{
|
2011-01-25 15:18:33 +03:00
|
|
|
int (*host_dup2)(int, int);
|
2011-01-08 17:19:27 +03:00
|
|
|
int rv;
|
|
|
|
|
|
|
|
DPRINTF(("dup2 -> %d (o) -> %d (n)\n", oldd, newd));
|
|
|
|
|
|
|
|
if (fd_isrump(oldd)) {
|
|
|
|
if (!(newd >= 0 && newd <= 2))
|
|
|
|
return EBADF;
|
|
|
|
oldd = fd_host2rump(oldd);
|
|
|
|
rv = rump_sys_dup2(oldd, newd);
|
|
|
|
if (rv != -1)
|
2011-02-15 16:59:28 +03:00
|
|
|
SETDUP2(newd);
|
2011-01-08 17:19:27 +03:00
|
|
|
} else {
|
2011-01-25 15:18:33 +03:00
|
|
|
host_dup2 = syscalls[DUALCALL_DUP2].bs_host;
|
2011-02-14 17:56:23 +03:00
|
|
|
if (rumpclient__closenotify(&newd, RUMPCLIENT_CLOSE_DUP2) == -1)
|
|
|
|
return -1;
|
2011-01-18 14:04:10 +03:00
|
|
|
rv = host_dup2(oldd, newd);
|
2011-01-08 17:19:27 +03:00
|
|
|
}
|
2011-01-18 14:04:10 +03:00
|
|
|
|
|
|
|
return rv;
|
2011-01-08 17:19:27 +03:00
|
|
|
}
|
|
|
|
|
2011-02-08 17:45:35 +03:00
|
|
|
int
|
|
|
|
dup(int oldd)
|
|
|
|
{
|
|
|
|
|
2011-02-15 16:59:28 +03:00
|
|
|
return dodup(oldd, 0);
|
2011-02-08 17:45:35 +03:00
|
|
|
}
|
|
|
|
|
2011-01-08 17:19:27 +03:00
|
|
|
pid_t
|
|
|
|
fork()
|
|
|
|
{
|
|
|
|
pid_t rv;
|
|
|
|
|
|
|
|
DPRINTF(("fork\n"));
|
|
|
|
|
2011-02-16 20:56:46 +03:00
|
|
|
rv = rumpclient__dofork(host_fork);
|
2011-01-08 17:19:27 +03:00
|
|
|
|
|
|
|
DPRINTF(("fork returns %d\n", rv));
|
|
|
|
return rv;
|
Begin work on a syscall hijacking library which can be LD_PRELOADed
to convince non-rumped applications to communicate with a rump
kernel instead of the host kernel. The precision of what goes
where is not exactly surgical, but for example when wanting to
debug a web server's TCP/IP stack interaction, it might be enough.
When all you have is a hand grenade, all problems look like a ....
hmm?
There's still plenty to figure out. For example, I'm not sure what
the user interface will be like. Now it just attempts to hijack
network communication. It also needs to sync with symbol renaming
in libc, and maybe autogenerate the non-schizophrenic wrappers
where the communication is heading to exactly one destination, lest
I'll be a mummmy by the time I finish writing them all. As a fun
example of a non-non-schizophrenic one, consider poll().
Work in progress, but I managed to get two non-rumped netcats
talking to each other or fetching the index from a non-rumped
thttpd. telnet works in one direction (i can read the data from
netcat, but anything i send back is not printed). bozohttpd uses
dup2() which i haven't bothered to address yet, etcetc.
(not hooking this up the build for now)
2011-01-07 22:52:43 +03:00
|
|
|
}
|
2011-02-16 20:56:46 +03:00
|
|
|
/* we do not have the luxury of not requiring a stackframe */
|
|
|
|
__strong_alias(__vfork14,fork);
|
Begin work on a syscall hijacking library which can be LD_PRELOADed
to convince non-rumped applications to communicate with a rump
kernel instead of the host kernel. The precision of what goes
where is not exactly surgical, but for example when wanting to
debug a web server's TCP/IP stack interaction, it might be enough.
When all you have is a hand grenade, all problems look like a ....
hmm?
There's still plenty to figure out. For example, I'm not sure what
the user interface will be like. Now it just attempts to hijack
network communication. It also needs to sync with symbol renaming
in libc, and maybe autogenerate the non-schizophrenic wrappers
where the communication is heading to exactly one destination, lest
I'll be a mummmy by the time I finish writing them all. As a fun
example of a non-non-schizophrenic one, consider poll().
Work in progress, but I managed to get two non-rumped netcats
talking to each other or fetching the index from a non-rumped
thttpd. telnet works in one direction (i can read the data from
netcat, but anything i send back is not printed). bozohttpd uses
dup2() which i haven't bothered to address yet, etcetc.
(not hooking this up the build for now)
2011-01-07 22:52:43 +03:00
|
|
|
|
2011-02-05 19:57:39 +03:00
|
|
|
int
|
|
|
|
daemon(int nochdir, int noclose)
|
|
|
|
{
|
|
|
|
struct rumpclient_fork *rf;
|
|
|
|
|
|
|
|
if ((rf = rumpclient_prefork()) == NULL)
|
|
|
|
return -1;
|
|
|
|
|
|
|
|
if (host_daemon(nochdir, noclose) == -1)
|
|
|
|
return -1;
|
|
|
|
|
|
|
|
if (rumpclient_fork_init(rf) == -1)
|
|
|
|
return -1;
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
}
|
|
|
|
|
2011-02-14 17:56:23 +03:00
|
|
|
int
|
2011-02-16 18:33:46 +03:00
|
|
|
execve(const char *path, char *const argv[], char *const envp[])
|
2011-02-14 17:56:23 +03:00
|
|
|
{
|
|
|
|
char buf[128];
|
|
|
|
char *dup2str;
|
2011-02-17 15:23:58 +03:00
|
|
|
char *pwdinrumpstr;
|
2011-02-16 18:33:46 +03:00
|
|
|
char **newenv;
|
|
|
|
size_t nelem;
|
|
|
|
int rv, sverrno;
|
2011-02-17 15:23:58 +03:00
|
|
|
int bonus = 1, i = 0;
|
|
|
|
|
|
|
|
if (dup2mask) {
|
|
|
|
snprintf(buf, sizeof(buf), "RUMPHIJACK__DUP2MASK=%u", dup2mask);
|
|
|
|
dup2str = malloc(strlen(buf)+1);
|
|
|
|
if (dup2str == NULL)
|
|
|
|
return ENOMEM;
|
|
|
|
strcpy(dup2str, buf);
|
|
|
|
bonus++;
|
|
|
|
} else {
|
|
|
|
dup2str = NULL;
|
|
|
|
}
|
2011-02-14 17:56:23 +03:00
|
|
|
|
2011-02-17 15:23:58 +03:00
|
|
|
if (pwdinrump) {
|
|
|
|
snprintf(buf, sizeof(buf), "RUMPHIJACK__PWDINRUMP=%u",
|
|
|
|
pwdinrump);
|
|
|
|
pwdinrumpstr = malloc(strlen(buf)+1);
|
|
|
|
if (pwdinrumpstr == NULL) {
|
|
|
|
free(dup2str);
|
|
|
|
return ENOMEM;
|
|
|
|
}
|
|
|
|
strcpy(pwdinrumpstr, buf);
|
|
|
|
bonus++;
|
|
|
|
} else {
|
|
|
|
pwdinrumpstr = NULL;
|
|
|
|
}
|
2011-02-14 17:56:23 +03:00
|
|
|
|
2011-02-16 18:33:46 +03:00
|
|
|
for (nelem = 0; envp && envp[nelem]; nelem++)
|
|
|
|
continue;
|
2011-02-17 15:23:58 +03:00
|
|
|
newenv = malloc(sizeof(*newenv) * nelem+bonus);
|
2011-02-16 18:33:46 +03:00
|
|
|
if (newenv == NULL) {
|
2011-02-14 17:56:23 +03:00
|
|
|
free(dup2str);
|
2011-02-17 15:23:58 +03:00
|
|
|
free(pwdinrumpstr);
|
2011-02-16 18:33:46 +03:00
|
|
|
return ENOMEM;
|
2011-02-14 17:56:23 +03:00
|
|
|
}
|
2011-02-16 18:33:46 +03:00
|
|
|
memcpy(newenv, envp, nelem*sizeof(*newenv));
|
2011-02-17 15:23:58 +03:00
|
|
|
if (dup2str) {
|
|
|
|
newenv[nelem+i] = dup2str;
|
|
|
|
i++;
|
|
|
|
}
|
|
|
|
if (pwdinrumpstr) {
|
|
|
|
newenv[nelem+i] = pwdinrumpstr;
|
|
|
|
i++;
|
|
|
|
}
|
|
|
|
newenv[nelem+i] = NULL;
|
|
|
|
_DIAGASSERT(i < bonus);
|
2011-02-16 18:33:46 +03:00
|
|
|
|
|
|
|
rv = rumpclient_exec(path, argv, newenv);
|
|
|
|
|
|
|
|
_DIAGASSERT(rv != 0);
|
|
|
|
sverrno = errno;
|
|
|
|
free(newenv);
|
|
|
|
free(dup2str);
|
|
|
|
errno = sverrno;
|
2011-02-14 17:56:23 +03:00
|
|
|
return rv;
|
|
|
|
}
|
|
|
|
|
Begin work on a syscall hijacking library which can be LD_PRELOADed
to convince non-rumped applications to communicate with a rump
kernel instead of the host kernel. The precision of what goes
where is not exactly surgical, but for example when wanting to
debug a web server's TCP/IP stack interaction, it might be enough.
When all you have is a hand grenade, all problems look like a ....
hmm?
There's still plenty to figure out. For example, I'm not sure what
the user interface will be like. Now it just attempts to hijack
network communication. It also needs to sync with symbol renaming
in libc, and maybe autogenerate the non-schizophrenic wrappers
where the communication is heading to exactly one destination, lest
I'll be a mummmy by the time I finish writing them all. As a fun
example of a non-non-schizophrenic one, consider poll().
Work in progress, but I managed to get two non-rumped netcats
talking to each other or fetching the index from a non-rumped
thttpd. telnet works in one direction (i can read the data from
netcat, but anything i send back is not printed). bozohttpd uses
dup2() which i haven't bothered to address yet, etcetc.
(not hooking this up the build for now)
2011-01-07 22:52:43 +03:00
|
|
|
/*
|
2011-01-25 15:18:33 +03:00
|
|
|
* select is done by calling poll.
|
Begin work on a syscall hijacking library which can be LD_PRELOADed
to convince non-rumped applications to communicate with a rump
kernel instead of the host kernel. The precision of what goes
where is not exactly surgical, but for example when wanting to
debug a web server's TCP/IP stack interaction, it might be enough.
When all you have is a hand grenade, all problems look like a ....
hmm?
There's still plenty to figure out. For example, I'm not sure what
the user interface will be like. Now it just attempts to hijack
network communication. It also needs to sync with symbol renaming
in libc, and maybe autogenerate the non-schizophrenic wrappers
where the communication is heading to exactly one destination, lest
I'll be a mummmy by the time I finish writing them all. As a fun
example of a non-non-schizophrenic one, consider poll().
Work in progress, but I managed to get two non-rumped netcats
talking to each other or fetching the index from a non-rumped
thttpd. telnet works in one direction (i can read the data from
netcat, but anything i send back is not printed). bozohttpd uses
dup2() which i haven't bothered to address yet, etcetc.
(not hooking this up the build for now)
2011-01-07 22:52:43 +03:00
|
|
|
*/
|
|
|
|
int
|
2011-02-07 13:28:18 +03:00
|
|
|
REALSELECT(int nfds, fd_set *readfds, fd_set *writefds, fd_set *exceptfds,
|
2011-01-09 00:30:24 +03:00
|
|
|
struct timeval *timeout)
|
Begin work on a syscall hijacking library which can be LD_PRELOADed
to convince non-rumped applications to communicate with a rump
kernel instead of the host kernel. The precision of what goes
where is not exactly surgical, but for example when wanting to
debug a web server's TCP/IP stack interaction, it might be enough.
When all you have is a hand grenade, all problems look like a ....
hmm?
There's still plenty to figure out. For example, I'm not sure what
the user interface will be like. Now it just attempts to hijack
network communication. It also needs to sync with symbol renaming
in libc, and maybe autogenerate the non-schizophrenic wrappers
where the communication is heading to exactly one destination, lest
I'll be a mummmy by the time I finish writing them all. As a fun
example of a non-non-schizophrenic one, consider poll().
Work in progress, but I managed to get two non-rumped netcats
talking to each other or fetching the index from a non-rumped
thttpd. telnet works in one direction (i can read the data from
netcat, but anything i send back is not printed). bozohttpd uses
dup2() which i haven't bothered to address yet, etcetc.
(not hooking this up the build for now)
2011-01-07 22:52:43 +03:00
|
|
|
{
|
2011-01-09 00:30:24 +03:00
|
|
|
struct pollfd *pfds;
|
|
|
|
struct timespec ts, *tsp = NULL;
|
2011-01-25 15:53:45 +03:00
|
|
|
nfds_t realnfds;
|
|
|
|
int i, j;
|
2011-01-09 00:30:24 +03:00
|
|
|
int rv, incr;
|
|
|
|
|
2011-01-09 22:56:33 +03:00
|
|
|
DPRINTF(("select\n"));
|
|
|
|
|
2011-01-09 00:30:24 +03:00
|
|
|
/*
|
|
|
|
* Well, first we must scan the fds to figure out how many
|
|
|
|
* fds there really are. This is because up to and including
|
2011-01-25 15:18:33 +03:00
|
|
|
* nb5 poll() silently refuses nfds > process_maxopen_fds.
|
2011-01-09 00:30:24 +03:00
|
|
|
* Seems to be fixed in current, thank the maker.
|
|
|
|
* god damn cluster...bomb.
|
|
|
|
*/
|
|
|
|
|
|
|
|
for (i = 0, realnfds = 0; i < nfds; i++) {
|
|
|
|
if (readfds && FD_ISSET(i, readfds)) {
|
|
|
|
realnfds++;
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
if (writefds && FD_ISSET(i, writefds)) {
|
|
|
|
realnfds++;
|
|
|
|
continue;
|
|
|
|
}
|
|
|
|
if (exceptfds && FD_ISSET(i, exceptfds)) {
|
|
|
|
realnfds++;
|
|
|
|
continue;
|
Begin work on a syscall hijacking library which can be LD_PRELOADed
to convince non-rumped applications to communicate with a rump
kernel instead of the host kernel. The precision of what goes
where is not exactly surgical, but for example when wanting to
debug a web server's TCP/IP stack interaction, it might be enough.
When all you have is a hand grenade, all problems look like a ....
hmm?
There's still plenty to figure out. For example, I'm not sure what
the user interface will be like. Now it just attempts to hijack
network communication. It also needs to sync with symbol renaming
in libc, and maybe autogenerate the non-schizophrenic wrappers
where the communication is heading to exactly one destination, lest
I'll be a mummmy by the time I finish writing them all. As a fun
example of a non-non-schizophrenic one, consider poll().
Work in progress, but I managed to get two non-rumped netcats
talking to each other or fetching the index from a non-rumped
thttpd. telnet works in one direction (i can read the data from
netcat, but anything i send back is not printed). bozohttpd uses
dup2() which i haven't bothered to address yet, etcetc.
(not hooking this up the build for now)
2011-01-07 22:52:43 +03:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2011-01-09 17:15:06 +03:00
|
|
|
if (realnfds) {
|
2011-02-12 13:25:46 +03:00
|
|
|
pfds = calloc(realnfds, sizeof(*pfds));
|
2011-01-09 17:15:06 +03:00
|
|
|
if (!pfds)
|
|
|
|
return -1;
|
|
|
|
} else {
|
|
|
|
pfds = NULL;
|
|
|
|
}
|
Begin work on a syscall hijacking library which can be LD_PRELOADed
to convince non-rumped applications to communicate with a rump
kernel instead of the host kernel. The precision of what goes
where is not exactly surgical, but for example when wanting to
debug a web server's TCP/IP stack interaction, it might be enough.
When all you have is a hand grenade, all problems look like a ....
hmm?
There's still plenty to figure out. For example, I'm not sure what
the user interface will be like. Now it just attempts to hijack
network communication. It also needs to sync with symbol renaming
in libc, and maybe autogenerate the non-schizophrenic wrappers
where the communication is heading to exactly one destination, lest
I'll be a mummmy by the time I finish writing them all. As a fun
example of a non-non-schizophrenic one, consider poll().
Work in progress, but I managed to get two non-rumped netcats
talking to each other or fetching the index from a non-rumped
thttpd. telnet works in one direction (i can read the data from
netcat, but anything i send back is not printed). bozohttpd uses
dup2() which i haven't bothered to address yet, etcetc.
(not hooking this up the build for now)
2011-01-07 22:52:43 +03:00
|
|
|
|
2011-01-09 00:30:24 +03:00
|
|
|
for (i = 0, j = 0; i < nfds; i++) {
|
|
|
|
incr = 0;
|
|
|
|
if (readfds && FD_ISSET(i, readfds)) {
|
|
|
|
pfds[j].fd = i;
|
|
|
|
pfds[j].events |= POLLIN;
|
|
|
|
incr=1;
|
|
|
|
}
|
|
|
|
if (writefds && FD_ISSET(i, writefds)) {
|
|
|
|
pfds[j].fd = i;
|
|
|
|
pfds[j].events |= POLLOUT;
|
|
|
|
incr=1;
|
Begin work on a syscall hijacking library which can be LD_PRELOADed
to convince non-rumped applications to communicate with a rump
kernel instead of the host kernel. The precision of what goes
where is not exactly surgical, but for example when wanting to
debug a web server's TCP/IP stack interaction, it might be enough.
When all you have is a hand grenade, all problems look like a ....
hmm?
There's still plenty to figure out. For example, I'm not sure what
the user interface will be like. Now it just attempts to hijack
network communication. It also needs to sync with symbol renaming
in libc, and maybe autogenerate the non-schizophrenic wrappers
where the communication is heading to exactly one destination, lest
I'll be a mummmy by the time I finish writing them all. As a fun
example of a non-non-schizophrenic one, consider poll().
Work in progress, but I managed to get two non-rumped netcats
talking to each other or fetching the index from a non-rumped
thttpd. telnet works in one direction (i can read the data from
netcat, but anything i send back is not printed). bozohttpd uses
dup2() which i haven't bothered to address yet, etcetc.
(not hooking this up the build for now)
2011-01-07 22:52:43 +03:00
|
|
|
}
|
2011-01-09 00:30:24 +03:00
|
|
|
if (exceptfds && FD_ISSET(i, exceptfds)) {
|
|
|
|
pfds[j].fd = i;
|
|
|
|
pfds[j].events |= POLLHUP|POLLERR;
|
|
|
|
incr=1;
|
|
|
|
}
|
|
|
|
if (incr)
|
|
|
|
j++;
|
Begin work on a syscall hijacking library which can be LD_PRELOADed
to convince non-rumped applications to communicate with a rump
kernel instead of the host kernel. The precision of what goes
where is not exactly surgical, but for example when wanting to
debug a web server's TCP/IP stack interaction, it might be enough.
When all you have is a hand grenade, all problems look like a ....
hmm?
There's still plenty to figure out. For example, I'm not sure what
the user interface will be like. Now it just attempts to hijack
network communication. It also needs to sync with symbol renaming
in libc, and maybe autogenerate the non-schizophrenic wrappers
where the communication is heading to exactly one destination, lest
I'll be a mummmy by the time I finish writing them all. As a fun
example of a non-non-schizophrenic one, consider poll().
Work in progress, but I managed to get two non-rumped netcats
talking to each other or fetching the index from a non-rumped
thttpd. telnet works in one direction (i can read the data from
netcat, but anything i send back is not printed). bozohttpd uses
dup2() which i haven't bothered to address yet, etcetc.
(not hooking this up the build for now)
2011-01-07 22:52:43 +03:00
|
|
|
}
|
2011-02-11 17:02:12 +03:00
|
|
|
assert(j == (int)realnfds);
|
Begin work on a syscall hijacking library which can be LD_PRELOADed
to convince non-rumped applications to communicate with a rump
kernel instead of the host kernel. The precision of what goes
where is not exactly surgical, but for example when wanting to
debug a web server's TCP/IP stack interaction, it might be enough.
When all you have is a hand grenade, all problems look like a ....
hmm?
There's still plenty to figure out. For example, I'm not sure what
the user interface will be like. Now it just attempts to hijack
network communication. It also needs to sync with symbol renaming
in libc, and maybe autogenerate the non-schizophrenic wrappers
where the communication is heading to exactly one destination, lest
I'll be a mummmy by the time I finish writing them all. As a fun
example of a non-non-schizophrenic one, consider poll().
Work in progress, but I managed to get two non-rumped netcats
talking to each other or fetching the index from a non-rumped
thttpd. telnet works in one direction (i can read the data from
netcat, but anything i send back is not printed). bozohttpd uses
dup2() which i haven't bothered to address yet, etcetc.
(not hooking this up the build for now)
2011-01-07 22:52:43 +03:00
|
|
|
|
2011-01-09 00:30:24 +03:00
|
|
|
if (timeout) {
|
|
|
|
TIMEVAL_TO_TIMESPEC(timeout, &ts);
|
|
|
|
tsp = &ts;
|
Begin work on a syscall hijacking library which can be LD_PRELOADed
to convince non-rumped applications to communicate with a rump
kernel instead of the host kernel. The precision of what goes
where is not exactly surgical, but for example when wanting to
debug a web server's TCP/IP stack interaction, it might be enough.
When all you have is a hand grenade, all problems look like a ....
hmm?
There's still plenty to figure out. For example, I'm not sure what
the user interface will be like. Now it just attempts to hijack
network communication. It also needs to sync with symbol renaming
in libc, and maybe autogenerate the non-schizophrenic wrappers
where the communication is heading to exactly one destination, lest
I'll be a mummmy by the time I finish writing them all. As a fun
example of a non-non-schizophrenic one, consider poll().
Work in progress, but I managed to get two non-rumped netcats
talking to each other or fetching the index from a non-rumped
thttpd. telnet works in one direction (i can read the data from
netcat, but anything i send back is not printed). bozohttpd uses
dup2() which i haven't bothered to address yet, etcetc.
(not hooking this up the build for now)
2011-01-07 22:52:43 +03:00
|
|
|
}
|
2011-02-07 13:28:18 +03:00
|
|
|
rv = REALPOLLTS(pfds, realnfds, tsp, NULL);
|
2011-02-11 15:46:41 +03:00
|
|
|
/*
|
|
|
|
* "If select() returns with an error the descriptor sets
|
|
|
|
* will be unmodified"
|
|
|
|
*/
|
|
|
|
if (rv < 0)
|
2011-01-09 00:30:24 +03:00
|
|
|
goto out;
|
|
|
|
|
|
|
|
/*
|
2011-02-11 15:46:41 +03:00
|
|
|
* zero out results (can't use FD_ZERO for the
|
|
|
|
* obvious select-me-not reason). whee.
|
|
|
|
*
|
|
|
|
* We do this here since some software ignores the return
|
|
|
|
* value of select, and hence if the timeout expires, it may
|
|
|
|
* assume all input descriptors have activity.
|
2011-01-09 00:30:24 +03:00
|
|
|
*/
|
|
|
|
for (i = 0; i < nfds; i++) {
|
|
|
|
if (readfds)
|
|
|
|
FD_CLR(i, readfds);
|
|
|
|
if (writefds)
|
|
|
|
FD_CLR(i, writefds);
|
|
|
|
if (exceptfds)
|
|
|
|
FD_CLR(i, exceptfds);
|
Begin work on a syscall hijacking library which can be LD_PRELOADed
to convince non-rumped applications to communicate with a rump
kernel instead of the host kernel. The precision of what goes
where is not exactly surgical, but for example when wanting to
debug a web server's TCP/IP stack interaction, it might be enough.
When all you have is a hand grenade, all problems look like a ....
hmm?
There's still plenty to figure out. For example, I'm not sure what
the user interface will be like. Now it just attempts to hijack
network communication. It also needs to sync with symbol renaming
in libc, and maybe autogenerate the non-schizophrenic wrappers
where the communication is heading to exactly one destination, lest
I'll be a mummmy by the time I finish writing them all. As a fun
example of a non-non-schizophrenic one, consider poll().
Work in progress, but I managed to get two non-rumped netcats
talking to each other or fetching the index from a non-rumped
thttpd. telnet works in one direction (i can read the data from
netcat, but anything i send back is not printed). bozohttpd uses
dup2() which i haven't bothered to address yet, etcetc.
(not hooking this up the build for now)
2011-01-07 22:52:43 +03:00
|
|
|
}
|
2011-02-11 15:46:41 +03:00
|
|
|
if (rv == 0)
|
|
|
|
goto out;
|
Begin work on a syscall hijacking library which can be LD_PRELOADed
to convince non-rumped applications to communicate with a rump
kernel instead of the host kernel. The precision of what goes
where is not exactly surgical, but for example when wanting to
debug a web server's TCP/IP stack interaction, it might be enough.
When all you have is a hand grenade, all problems look like a ....
hmm?
There's still plenty to figure out. For example, I'm not sure what
the user interface will be like. Now it just attempts to hijack
network communication. It also needs to sync with symbol renaming
in libc, and maybe autogenerate the non-schizophrenic wrappers
where the communication is heading to exactly one destination, lest
I'll be a mummmy by the time I finish writing them all. As a fun
example of a non-non-schizophrenic one, consider poll().
Work in progress, but I managed to get two non-rumped netcats
talking to each other or fetching the index from a non-rumped
thttpd. telnet works in one direction (i can read the data from
netcat, but anything i send back is not printed). bozohttpd uses
dup2() which i haven't bothered to address yet, etcetc.
(not hooking this up the build for now)
2011-01-07 22:52:43 +03:00
|
|
|
|
2011-02-11 15:46:41 +03:00
|
|
|
/*
|
|
|
|
* We have >0 fds with activity. Harvest the results.
|
|
|
|
*/
|
2011-01-25 15:53:45 +03:00
|
|
|
for (i = 0; i < (int)realnfds; i++) {
|
2011-01-09 00:30:24 +03:00
|
|
|
if (readfds) {
|
|
|
|
if (pfds[i].revents & POLLIN) {
|
|
|
|
FD_SET(pfds[i].fd, readfds);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
if (writefds) {
|
|
|
|
if (pfds[i].revents & POLLOUT) {
|
|
|
|
FD_SET(pfds[i].fd, writefds);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
if (exceptfds) {
|
|
|
|
if (pfds[i].revents & (POLLHUP|POLLERR)) {
|
|
|
|
FD_SET(pfds[i].fd, exceptfds);
|
|
|
|
}
|
|
|
|
}
|
Begin work on a syscall hijacking library which can be LD_PRELOADed
to convince non-rumped applications to communicate with a rump
kernel instead of the host kernel. The precision of what goes
where is not exactly surgical, but for example when wanting to
debug a web server's TCP/IP stack interaction, it might be enough.
When all you have is a hand grenade, all problems look like a ....
hmm?
There's still plenty to figure out. For example, I'm not sure what
the user interface will be like. Now it just attempts to hijack
network communication. It also needs to sync with symbol renaming
in libc, and maybe autogenerate the non-schizophrenic wrappers
where the communication is heading to exactly one destination, lest
I'll be a mummmy by the time I finish writing them all. As a fun
example of a non-non-schizophrenic one, consider poll().
Work in progress, but I managed to get two non-rumped netcats
talking to each other or fetching the index from a non-rumped
thttpd. telnet works in one direction (i can read the data from
netcat, but anything i send back is not printed). bozohttpd uses
dup2() which i haven't bothered to address yet, etcetc.
(not hooking this up the build for now)
2011-01-07 22:52:43 +03:00
|
|
|
}
|
2011-01-09 00:30:24 +03:00
|
|
|
|
|
|
|
out:
|
|
|
|
free(pfds);
|
Begin work on a syscall hijacking library which can be LD_PRELOADed
to convince non-rumped applications to communicate with a rump
kernel instead of the host kernel. The precision of what goes
where is not exactly surgical, but for example when wanting to
debug a web server's TCP/IP stack interaction, it might be enough.
When all you have is a hand grenade, all problems look like a ....
hmm?
There's still plenty to figure out. For example, I'm not sure what
the user interface will be like. Now it just attempts to hijack
network communication. It also needs to sync with symbol renaming
in libc, and maybe autogenerate the non-schizophrenic wrappers
where the communication is heading to exactly one destination, lest
I'll be a mummmy by the time I finish writing them all. As a fun
example of a non-non-schizophrenic one, consider poll().
Work in progress, but I managed to get two non-rumped netcats
talking to each other or fetching the index from a non-rumped
thttpd. telnet works in one direction (i can read the data from
netcat, but anything i send back is not printed). bozohttpd uses
dup2() which i haven't bothered to address yet, etcetc.
(not hooking this up the build for now)
2011-01-07 22:52:43 +03:00
|
|
|
return rv;
|
|
|
|
}
|
|
|
|
|
|
|
|
static void
|
|
|
|
checkpoll(struct pollfd *fds, nfds_t nfds, int *hostcall, int *rumpcall)
|
|
|
|
{
|
|
|
|
nfds_t i;
|
|
|
|
|
|
|
|
for (i = 0; i < nfds; i++) {
|
2011-01-18 17:51:14 +03:00
|
|
|
if (fds[i].fd == -1)
|
|
|
|
continue;
|
|
|
|
|
2011-01-08 17:19:27 +03:00
|
|
|
if (fd_isrump(fds[i].fd))
|
Begin work on a syscall hijacking library which can be LD_PRELOADed
to convince non-rumped applications to communicate with a rump
kernel instead of the host kernel. The precision of what goes
where is not exactly surgical, but for example when wanting to
debug a web server's TCP/IP stack interaction, it might be enough.
When all you have is a hand grenade, all problems look like a ....
hmm?
There's still plenty to figure out. For example, I'm not sure what
the user interface will be like. Now it just attempts to hijack
network communication. It also needs to sync with symbol renaming
in libc, and maybe autogenerate the non-schizophrenic wrappers
where the communication is heading to exactly one destination, lest
I'll be a mummmy by the time I finish writing them all. As a fun
example of a non-non-schizophrenic one, consider poll().
Work in progress, but I managed to get two non-rumped netcats
talking to each other or fetching the index from a non-rumped
thttpd. telnet works in one direction (i can read the data from
netcat, but anything i send back is not printed). bozohttpd uses
dup2() which i haven't bothered to address yet, etcetc.
(not hooking this up the build for now)
2011-01-07 22:52:43 +03:00
|
|
|
(*rumpcall)++;
|
2011-01-08 17:19:27 +03:00
|
|
|
else
|
|
|
|
(*hostcall)++;
|
Begin work on a syscall hijacking library which can be LD_PRELOADed
to convince non-rumped applications to communicate with a rump
kernel instead of the host kernel. The precision of what goes
where is not exactly surgical, but for example when wanting to
debug a web server's TCP/IP stack interaction, it might be enough.
When all you have is a hand grenade, all problems look like a ....
hmm?
There's still plenty to figure out. For example, I'm not sure what
the user interface will be like. Now it just attempts to hijack
network communication. It also needs to sync with symbol renaming
in libc, and maybe autogenerate the non-schizophrenic wrappers
where the communication is heading to exactly one destination, lest
I'll be a mummmy by the time I finish writing them all. As a fun
example of a non-non-schizophrenic one, consider poll().
Work in progress, but I managed to get two non-rumped netcats
talking to each other or fetching the index from a non-rumped
thttpd. telnet works in one direction (i can read the data from
netcat, but anything i send back is not printed). bozohttpd uses
dup2() which i haven't bothered to address yet, etcetc.
(not hooking this up the build for now)
2011-01-07 22:52:43 +03:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
static void
|
2011-01-08 17:19:27 +03:00
|
|
|
adjustpoll(struct pollfd *fds, nfds_t nfds, int (*fdadj)(int))
|
Begin work on a syscall hijacking library which can be LD_PRELOADed
to convince non-rumped applications to communicate with a rump
kernel instead of the host kernel. The precision of what goes
where is not exactly surgical, but for example when wanting to
debug a web server's TCP/IP stack interaction, it might be enough.
When all you have is a hand grenade, all problems look like a ....
hmm?
There's still plenty to figure out. For example, I'm not sure what
the user interface will be like. Now it just attempts to hijack
network communication. It also needs to sync with symbol renaming
in libc, and maybe autogenerate the non-schizophrenic wrappers
where the communication is heading to exactly one destination, lest
I'll be a mummmy by the time I finish writing them all. As a fun
example of a non-non-schizophrenic one, consider poll().
Work in progress, but I managed to get two non-rumped netcats
talking to each other or fetching the index from a non-rumped
thttpd. telnet works in one direction (i can read the data from
netcat, but anything i send back is not printed). bozohttpd uses
dup2() which i haven't bothered to address yet, etcetc.
(not hooking this up the build for now)
2011-01-07 22:52:43 +03:00
|
|
|
{
|
|
|
|
nfds_t i;
|
|
|
|
|
|
|
|
for (i = 0; i < nfds; i++) {
|
2011-01-08 17:19:27 +03:00
|
|
|
fds[i].fd = fdadj(fds[i].fd);
|
Begin work on a syscall hijacking library which can be LD_PRELOADed
to convince non-rumped applications to communicate with a rump
kernel instead of the host kernel. The precision of what goes
where is not exactly surgical, but for example when wanting to
debug a web server's TCP/IP stack interaction, it might be enough.
When all you have is a hand grenade, all problems look like a ....
hmm?
There's still plenty to figure out. For example, I'm not sure what
the user interface will be like. Now it just attempts to hijack
network communication. It also needs to sync with symbol renaming
in libc, and maybe autogenerate the non-schizophrenic wrappers
where the communication is heading to exactly one destination, lest
I'll be a mummmy by the time I finish writing them all. As a fun
example of a non-non-schizophrenic one, consider poll().
Work in progress, but I managed to get two non-rumped netcats
talking to each other or fetching the index from a non-rumped
thttpd. telnet works in one direction (i can read the data from
netcat, but anything i send back is not printed). bozohttpd uses
dup2() which i haven't bothered to address yet, etcetc.
(not hooking this up the build for now)
2011-01-07 22:52:43 +03:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* poll is easy as long as the call comes in the fds only in one
|
|
|
|
* kernel. otherwise its quite tricky...
|
|
|
|
*/
|
|
|
|
struct pollarg {
|
|
|
|
struct pollfd *pfds;
|
|
|
|
nfds_t nfds;
|
2011-01-08 21:11:46 +03:00
|
|
|
const struct timespec *ts;
|
|
|
|
const sigset_t *sigmask;
|
Begin work on a syscall hijacking library which can be LD_PRELOADed
to convince non-rumped applications to communicate with a rump
kernel instead of the host kernel. The precision of what goes
where is not exactly surgical, but for example when wanting to
debug a web server's TCP/IP stack interaction, it might be enough.
When all you have is a hand grenade, all problems look like a ....
hmm?
There's still plenty to figure out. For example, I'm not sure what
the user interface will be like. Now it just attempts to hijack
network communication. It also needs to sync with symbol renaming
in libc, and maybe autogenerate the non-schizophrenic wrappers
where the communication is heading to exactly one destination, lest
I'll be a mummmy by the time I finish writing them all. As a fun
example of a non-non-schizophrenic one, consider poll().
Work in progress, but I managed to get two non-rumped netcats
talking to each other or fetching the index from a non-rumped
thttpd. telnet works in one direction (i can read the data from
netcat, but anything i send back is not printed). bozohttpd uses
dup2() which i haven't bothered to address yet, etcetc.
(not hooking this up the build for now)
2011-01-07 22:52:43 +03:00
|
|
|
int pipefd;
|
|
|
|
int errnum;
|
|
|
|
};
|
|
|
|
|
|
|
|
static void *
|
|
|
|
hostpoll(void *arg)
|
|
|
|
{
|
2011-01-25 15:18:33 +03:00
|
|
|
int (*op_pollts)(struct pollfd *, nfds_t, const struct timespec *,
|
|
|
|
const sigset_t *);
|
Begin work on a syscall hijacking library which can be LD_PRELOADed
to convince non-rumped applications to communicate with a rump
kernel instead of the host kernel. The precision of what goes
where is not exactly surgical, but for example when wanting to
debug a web server's TCP/IP stack interaction, it might be enough.
When all you have is a hand grenade, all problems look like a ....
hmm?
There's still plenty to figure out. For example, I'm not sure what
the user interface will be like. Now it just attempts to hijack
network communication. It also needs to sync with symbol renaming
in libc, and maybe autogenerate the non-schizophrenic wrappers
where the communication is heading to exactly one destination, lest
I'll be a mummmy by the time I finish writing them all. As a fun
example of a non-non-schizophrenic one, consider poll().
Work in progress, but I managed to get two non-rumped netcats
talking to each other or fetching the index from a non-rumped
thttpd. telnet works in one direction (i can read the data from
netcat, but anything i send back is not printed). bozohttpd uses
dup2() which i haven't bothered to address yet, etcetc.
(not hooking this up the build for now)
2011-01-07 22:52:43 +03:00
|
|
|
struct pollarg *parg = arg;
|
|
|
|
intptr_t rv;
|
|
|
|
|
2011-02-08 22:12:54 +03:00
|
|
|
op_pollts = GETSYSCALL(host, POLLTS);
|
2011-01-25 15:18:33 +03:00
|
|
|
rv = op_pollts(parg->pfds, parg->nfds, parg->ts, parg->sigmask);
|
Begin work on a syscall hijacking library which can be LD_PRELOADed
to convince non-rumped applications to communicate with a rump
kernel instead of the host kernel. The precision of what goes
where is not exactly surgical, but for example when wanting to
debug a web server's TCP/IP stack interaction, it might be enough.
When all you have is a hand grenade, all problems look like a ....
hmm?
There's still plenty to figure out. For example, I'm not sure what
the user interface will be like. Now it just attempts to hijack
network communication. It also needs to sync with symbol renaming
in libc, and maybe autogenerate the non-schizophrenic wrappers
where the communication is heading to exactly one destination, lest
I'll be a mummmy by the time I finish writing them all. As a fun
example of a non-non-schizophrenic one, consider poll().
Work in progress, but I managed to get two non-rumped netcats
talking to each other or fetching the index from a non-rumped
thttpd. telnet works in one direction (i can read the data from
netcat, but anything i send back is not printed). bozohttpd uses
dup2() which i haven't bothered to address yet, etcetc.
(not hooking this up the build for now)
2011-01-07 22:52:43 +03:00
|
|
|
if (rv == -1)
|
|
|
|
parg->errnum = errno;
|
|
|
|
rump_sys_write(parg->pipefd, &rv, sizeof(rv));
|
|
|
|
|
|
|
|
return (void *)(intptr_t)rv;
|
|
|
|
}
|
|
|
|
|
|
|
|
int
|
2011-02-07 13:28:18 +03:00
|
|
|
REALPOLLTS(struct pollfd *fds, nfds_t nfds, const struct timespec *ts,
|
2011-01-08 21:11:46 +03:00
|
|
|
const sigset_t *sigmask)
|
Begin work on a syscall hijacking library which can be LD_PRELOADed
to convince non-rumped applications to communicate with a rump
kernel instead of the host kernel. The precision of what goes
where is not exactly surgical, but for example when wanting to
debug a web server's TCP/IP stack interaction, it might be enough.
When all you have is a hand grenade, all problems look like a ....
hmm?
There's still plenty to figure out. For example, I'm not sure what
the user interface will be like. Now it just attempts to hijack
network communication. It also needs to sync with symbol renaming
in libc, and maybe autogenerate the non-schizophrenic wrappers
where the communication is heading to exactly one destination, lest
I'll be a mummmy by the time I finish writing them all. As a fun
example of a non-non-schizophrenic one, consider poll().
Work in progress, but I managed to get two non-rumped netcats
talking to each other or fetching the index from a non-rumped
thttpd. telnet works in one direction (i can read the data from
netcat, but anything i send back is not printed). bozohttpd uses
dup2() which i haven't bothered to address yet, etcetc.
(not hooking this up the build for now)
2011-01-07 22:52:43 +03:00
|
|
|
{
|
2011-01-08 21:11:46 +03:00
|
|
|
int (*op_pollts)(struct pollfd *, nfds_t, const struct timespec *,
|
|
|
|
const sigset_t *);
|
2011-01-25 15:18:33 +03:00
|
|
|
int (*host_close)(int);
|
Begin work on a syscall hijacking library which can be LD_PRELOADed
to convince non-rumped applications to communicate with a rump
kernel instead of the host kernel. The precision of what goes
where is not exactly surgical, but for example when wanting to
debug a web server's TCP/IP stack interaction, it might be enough.
When all you have is a hand grenade, all problems look like a ....
hmm?
There's still plenty to figure out. For example, I'm not sure what
the user interface will be like. Now it just attempts to hijack
network communication. It also needs to sync with symbol renaming
in libc, and maybe autogenerate the non-schizophrenic wrappers
where the communication is heading to exactly one destination, lest
I'll be a mummmy by the time I finish writing them all. As a fun
example of a non-non-schizophrenic one, consider poll().
Work in progress, but I managed to get two non-rumped netcats
talking to each other or fetching the index from a non-rumped
thttpd. telnet works in one direction (i can read the data from
netcat, but anything i send back is not printed). bozohttpd uses
dup2() which i haven't bothered to address yet, etcetc.
(not hooking this up the build for now)
2011-01-07 22:52:43 +03:00
|
|
|
int hostcall = 0, rumpcall = 0;
|
|
|
|
pthread_t pt;
|
|
|
|
nfds_t i;
|
|
|
|
int rv;
|
|
|
|
|
2011-01-08 17:19:27 +03:00
|
|
|
DPRINTF(("poll\n"));
|
Begin work on a syscall hijacking library which can be LD_PRELOADed
to convince non-rumped applications to communicate with a rump
kernel instead of the host kernel. The precision of what goes
where is not exactly surgical, but for example when wanting to
debug a web server's TCP/IP stack interaction, it might be enough.
When all you have is a hand grenade, all problems look like a ....
hmm?
There's still plenty to figure out. For example, I'm not sure what
the user interface will be like. Now it just attempts to hijack
network communication. It also needs to sync with symbol renaming
in libc, and maybe autogenerate the non-schizophrenic wrappers
where the communication is heading to exactly one destination, lest
I'll be a mummmy by the time I finish writing them all. As a fun
example of a non-non-schizophrenic one, consider poll().
Work in progress, but I managed to get two non-rumped netcats
talking to each other or fetching the index from a non-rumped
thttpd. telnet works in one direction (i can read the data from
netcat, but anything i send back is not printed). bozohttpd uses
dup2() which i haven't bothered to address yet, etcetc.
(not hooking this up the build for now)
2011-01-07 22:52:43 +03:00
|
|
|
checkpoll(fds, nfds, &hostcall, &rumpcall);
|
|
|
|
|
|
|
|
if (hostcall && rumpcall) {
|
|
|
|
struct pollfd *pfd_host = NULL, *pfd_rump = NULL;
|
|
|
|
int rpipe[2] = {-1,-1}, hpipe[2] = {-1,-1};
|
|
|
|
struct pollarg parg;
|
|
|
|
uintptr_t lrv;
|
|
|
|
int sverrno = 0, trv;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* ok, this is where it gets tricky. We must support
|
|
|
|
* this since it's a very common operation in certain
|
|
|
|
* types of software (telnet, netcat, etc). We allocate
|
|
|
|
* two vectors and run two poll commands in separate
|
|
|
|
* threads. Whichever returns first "wins" and the
|
|
|
|
* other kernel's fds won't show activity.
|
|
|
|
*/
|
|
|
|
rv = -1;
|
|
|
|
|
|
|
|
/* allocate full vector for O(n) joining after call */
|
|
|
|
pfd_host = malloc(sizeof(*pfd_host)*(nfds+1));
|
|
|
|
if (!pfd_host)
|
|
|
|
goto out;
|
|
|
|
pfd_rump = malloc(sizeof(*pfd_rump)*(nfds+1));
|
|
|
|
if (!pfd_rump) {
|
|
|
|
goto out;
|
|
|
|
}
|
|
|
|
|
|
|
|
/* split vectors */
|
|
|
|
for (i = 0; i < nfds; i++) {
|
2011-01-08 21:11:46 +03:00
|
|
|
if (fds[i].fd == -1) {
|
|
|
|
pfd_host[i].fd = -1;
|
|
|
|
pfd_rump[i].fd = -1;
|
|
|
|
} else if (fd_isrump(fds[i].fd)) {
|
Begin work on a syscall hijacking library which can be LD_PRELOADed
to convince non-rumped applications to communicate with a rump
kernel instead of the host kernel. The precision of what goes
where is not exactly surgical, but for example when wanting to
debug a web server's TCP/IP stack interaction, it might be enough.
When all you have is a hand grenade, all problems look like a ....
hmm?
There's still plenty to figure out. For example, I'm not sure what
the user interface will be like. Now it just attempts to hijack
network communication. It also needs to sync with symbol renaming
in libc, and maybe autogenerate the non-schizophrenic wrappers
where the communication is heading to exactly one destination, lest
I'll be a mummmy by the time I finish writing them all. As a fun
example of a non-non-schizophrenic one, consider poll().
Work in progress, but I managed to get two non-rumped netcats
talking to each other or fetching the index from a non-rumped
thttpd. telnet works in one direction (i can read the data from
netcat, but anything i send back is not printed). bozohttpd uses
dup2() which i haven't bothered to address yet, etcetc.
(not hooking this up the build for now)
2011-01-07 22:52:43 +03:00
|
|
|
pfd_host[i].fd = -1;
|
2011-01-08 17:19:27 +03:00
|
|
|
pfd_rump[i].fd = fd_host2rump(fds[i].fd);
|
Begin work on a syscall hijacking library which can be LD_PRELOADed
to convince non-rumped applications to communicate with a rump
kernel instead of the host kernel. The precision of what goes
where is not exactly surgical, but for example when wanting to
debug a web server's TCP/IP stack interaction, it might be enough.
When all you have is a hand grenade, all problems look like a ....
hmm?
There's still plenty to figure out. For example, I'm not sure what
the user interface will be like. Now it just attempts to hijack
network communication. It also needs to sync with symbol renaming
in libc, and maybe autogenerate the non-schizophrenic wrappers
where the communication is heading to exactly one destination, lest
I'll be a mummmy by the time I finish writing them all. As a fun
example of a non-non-schizophrenic one, consider poll().
Work in progress, but I managed to get two non-rumped netcats
talking to each other or fetching the index from a non-rumped
thttpd. telnet works in one direction (i can read the data from
netcat, but anything i send back is not printed). bozohttpd uses
dup2() which i haven't bothered to address yet, etcetc.
(not hooking this up the build for now)
2011-01-07 22:52:43 +03:00
|
|
|
pfd_rump[i].events = fds[i].events;
|
2011-01-08 17:19:27 +03:00
|
|
|
} else {
|
|
|
|
pfd_rump[i].fd = -1;
|
|
|
|
pfd_host[i].fd = fds[i].fd;
|
|
|
|
pfd_host[i].events = fds[i].events;
|
Begin work on a syscall hijacking library which can be LD_PRELOADed
to convince non-rumped applications to communicate with a rump
kernel instead of the host kernel. The precision of what goes
where is not exactly surgical, but for example when wanting to
debug a web server's TCP/IP stack interaction, it might be enough.
When all you have is a hand grenade, all problems look like a ....
hmm?
There's still plenty to figure out. For example, I'm not sure what
the user interface will be like. Now it just attempts to hijack
network communication. It also needs to sync with symbol renaming
in libc, and maybe autogenerate the non-schizophrenic wrappers
where the communication is heading to exactly one destination, lest
I'll be a mummmy by the time I finish writing them all. As a fun
example of a non-non-schizophrenic one, consider poll().
Work in progress, but I managed to get two non-rumped netcats
talking to each other or fetching the index from a non-rumped
thttpd. telnet works in one direction (i can read the data from
netcat, but anything i send back is not printed). bozohttpd uses
dup2() which i haven't bothered to address yet, etcetc.
(not hooking this up the build for now)
2011-01-07 22:52:43 +03:00
|
|
|
}
|
2011-02-14 17:56:23 +03:00
|
|
|
pfd_rump[i].revents = pfd_host[i].revents = 0;
|
2011-01-18 19:00:04 +03:00
|
|
|
fds[i].revents = 0;
|
Begin work on a syscall hijacking library which can be LD_PRELOADed
to convince non-rumped applications to communicate with a rump
kernel instead of the host kernel. The precision of what goes
where is not exactly surgical, but for example when wanting to
debug a web server's TCP/IP stack interaction, it might be enough.
When all you have is a hand grenade, all problems look like a ....
hmm?
There's still plenty to figure out. For example, I'm not sure what
the user interface will be like. Now it just attempts to hijack
network communication. It also needs to sync with symbol renaming
in libc, and maybe autogenerate the non-schizophrenic wrappers
where the communication is heading to exactly one destination, lest
I'll be a mummmy by the time I finish writing them all. As a fun
example of a non-non-schizophrenic one, consider poll().
Work in progress, but I managed to get two non-rumped netcats
talking to each other or fetching the index from a non-rumped
thttpd. telnet works in one direction (i can read the data from
netcat, but anything i send back is not printed). bozohttpd uses
dup2() which i haven't bothered to address yet, etcetc.
(not hooking this up the build for now)
2011-01-07 22:52:43 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
/*
|
|
|
|
* then, open two pipes, one for notifications
|
|
|
|
* to each kernel.
|
|
|
|
*/
|
|
|
|
if (rump_sys_pipe(rpipe) == -1)
|
|
|
|
goto out;
|
|
|
|
if (pipe(hpipe) == -1)
|
|
|
|
goto out;
|
|
|
|
|
|
|
|
pfd_host[nfds].fd = hpipe[0];
|
|
|
|
pfd_host[nfds].events = POLLIN;
|
|
|
|
pfd_rump[nfds].fd = rpipe[0];
|
|
|
|
pfd_rump[nfds].events = POLLIN;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* then, create a thread to do host part and meanwhile
|
|
|
|
* do rump kernel part right here
|
|
|
|
*/
|
|
|
|
|
|
|
|
parg.pfds = pfd_host;
|
|
|
|
parg.nfds = nfds+1;
|
2011-01-08 21:11:46 +03:00
|
|
|
parg.ts = ts;
|
|
|
|
parg.sigmask = sigmask;
|
Begin work on a syscall hijacking library which can be LD_PRELOADed
to convince non-rumped applications to communicate with a rump
kernel instead of the host kernel. The precision of what goes
where is not exactly surgical, but for example when wanting to
debug a web server's TCP/IP stack interaction, it might be enough.
When all you have is a hand grenade, all problems look like a ....
hmm?
There's still plenty to figure out. For example, I'm not sure what
the user interface will be like. Now it just attempts to hijack
network communication. It also needs to sync with symbol renaming
in libc, and maybe autogenerate the non-schizophrenic wrappers
where the communication is heading to exactly one destination, lest
I'll be a mummmy by the time I finish writing them all. As a fun
example of a non-non-schizophrenic one, consider poll().
Work in progress, but I managed to get two non-rumped netcats
talking to each other or fetching the index from a non-rumped
thttpd. telnet works in one direction (i can read the data from
netcat, but anything i send back is not printed). bozohttpd uses
dup2() which i haven't bothered to address yet, etcetc.
(not hooking this up the build for now)
2011-01-07 22:52:43 +03:00
|
|
|
parg.pipefd = rpipe[1];
|
|
|
|
pthread_create(&pt, NULL, hostpoll, &parg);
|
|
|
|
|
2011-02-08 22:12:54 +03:00
|
|
|
op_pollts = GETSYSCALL(rump, POLLTS);
|
2011-01-08 21:11:46 +03:00
|
|
|
lrv = op_pollts(pfd_rump, nfds+1, ts, NULL);
|
Begin work on a syscall hijacking library which can be LD_PRELOADed
to convince non-rumped applications to communicate with a rump
kernel instead of the host kernel. The precision of what goes
where is not exactly surgical, but for example when wanting to
debug a web server's TCP/IP stack interaction, it might be enough.
When all you have is a hand grenade, all problems look like a ....
hmm?
There's still plenty to figure out. For example, I'm not sure what
the user interface will be like. Now it just attempts to hijack
network communication. It also needs to sync with symbol renaming
in libc, and maybe autogenerate the non-schizophrenic wrappers
where the communication is heading to exactly one destination, lest
I'll be a mummmy by the time I finish writing them all. As a fun
example of a non-non-schizophrenic one, consider poll().
Work in progress, but I managed to get two non-rumped netcats
talking to each other or fetching the index from a non-rumped
thttpd. telnet works in one direction (i can read the data from
netcat, but anything i send back is not printed). bozohttpd uses
dup2() which i haven't bothered to address yet, etcetc.
(not hooking this up the build for now)
2011-01-07 22:52:43 +03:00
|
|
|
sverrno = errno;
|
|
|
|
write(hpipe[1], &rv, sizeof(rv));
|
|
|
|
pthread_join(pt, (void *)&trv);
|
|
|
|
|
|
|
|
/* check who "won" and merge results */
|
|
|
|
if (lrv != 0 && pfd_host[nfds].revents & POLLIN) {
|
|
|
|
rv = trv;
|
|
|
|
|
|
|
|
for (i = 0; i < nfds; i++) {
|
|
|
|
if (pfd_rump[i].fd != -1)
|
|
|
|
fds[i].revents = pfd_rump[i].revents;
|
|
|
|
}
|
|
|
|
sverrno = parg.errnum;
|
|
|
|
} else if (trv != 0 && pfd_rump[nfds].revents & POLLIN) {
|
|
|
|
rv = trv;
|
|
|
|
|
|
|
|
for (i = 0; i < nfds; i++) {
|
|
|
|
if (pfd_host[i].fd != -1)
|
|
|
|
fds[i].revents = pfd_host[i].revents;
|
|
|
|
}
|
|
|
|
} else {
|
|
|
|
rv = 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
out:
|
2011-02-08 22:12:54 +03:00
|
|
|
host_close = GETSYSCALL(host, CLOSE);
|
Begin work on a syscall hijacking library which can be LD_PRELOADed
to convince non-rumped applications to communicate with a rump
kernel instead of the host kernel. The precision of what goes
where is not exactly surgical, but for example when wanting to
debug a web server's TCP/IP stack interaction, it might be enough.
When all you have is a hand grenade, all problems look like a ....
hmm?
There's still plenty to figure out. For example, I'm not sure what
the user interface will be like. Now it just attempts to hijack
network communication. It also needs to sync with symbol renaming
in libc, and maybe autogenerate the non-schizophrenic wrappers
where the communication is heading to exactly one destination, lest
I'll be a mummmy by the time I finish writing them all. As a fun
example of a non-non-schizophrenic one, consider poll().
Work in progress, but I managed to get two non-rumped netcats
talking to each other or fetching the index from a non-rumped
thttpd. telnet works in one direction (i can read the data from
netcat, but anything i send back is not printed). bozohttpd uses
dup2() which i haven't bothered to address yet, etcetc.
(not hooking this up the build for now)
2011-01-07 22:52:43 +03:00
|
|
|
if (rpipe[0] != -1)
|
|
|
|
rump_sys_close(rpipe[0]);
|
|
|
|
if (rpipe[1] != -1)
|
|
|
|
rump_sys_close(rpipe[1]);
|
|
|
|
if (hpipe[0] != -1)
|
2011-01-17 19:30:09 +03:00
|
|
|
host_close(hpipe[0]);
|
Begin work on a syscall hijacking library which can be LD_PRELOADed
to convince non-rumped applications to communicate with a rump
kernel instead of the host kernel. The precision of what goes
where is not exactly surgical, but for example when wanting to
debug a web server's TCP/IP stack interaction, it might be enough.
When all you have is a hand grenade, all problems look like a ....
hmm?
There's still plenty to figure out. For example, I'm not sure what
the user interface will be like. Now it just attempts to hijack
network communication. It also needs to sync with symbol renaming
in libc, and maybe autogenerate the non-schizophrenic wrappers
where the communication is heading to exactly one destination, lest
I'll be a mummmy by the time I finish writing them all. As a fun
example of a non-non-schizophrenic one, consider poll().
Work in progress, but I managed to get two non-rumped netcats
talking to each other or fetching the index from a non-rumped
thttpd. telnet works in one direction (i can read the data from
netcat, but anything i send back is not printed). bozohttpd uses
dup2() which i haven't bothered to address yet, etcetc.
(not hooking this up the build for now)
2011-01-07 22:52:43 +03:00
|
|
|
if (hpipe[1] != -1)
|
2011-01-17 19:30:09 +03:00
|
|
|
host_close(hpipe[1]);
|
Begin work on a syscall hijacking library which can be LD_PRELOADed
to convince non-rumped applications to communicate with a rump
kernel instead of the host kernel. The precision of what goes
where is not exactly surgical, but for example when wanting to
debug a web server's TCP/IP stack interaction, it might be enough.
When all you have is a hand grenade, all problems look like a ....
hmm?
There's still plenty to figure out. For example, I'm not sure what
the user interface will be like. Now it just attempts to hijack
network communication. It also needs to sync with symbol renaming
in libc, and maybe autogenerate the non-schizophrenic wrappers
where the communication is heading to exactly one destination, lest
I'll be a mummmy by the time I finish writing them all. As a fun
example of a non-non-schizophrenic one, consider poll().
Work in progress, but I managed to get two non-rumped netcats
talking to each other or fetching the index from a non-rumped
thttpd. telnet works in one direction (i can read the data from
netcat, but anything i send back is not printed). bozohttpd uses
dup2() which i haven't bothered to address yet, etcetc.
(not hooking this up the build for now)
2011-01-07 22:52:43 +03:00
|
|
|
free(pfd_host);
|
|
|
|
free(pfd_rump);
|
|
|
|
errno = sverrno;
|
|
|
|
} else {
|
|
|
|
if (hostcall) {
|
2011-02-08 22:12:54 +03:00
|
|
|
op_pollts = GETSYSCALL(host, POLLTS);
|
Begin work on a syscall hijacking library which can be LD_PRELOADed
to convince non-rumped applications to communicate with a rump
kernel instead of the host kernel. The precision of what goes
where is not exactly surgical, but for example when wanting to
debug a web server's TCP/IP stack interaction, it might be enough.
When all you have is a hand grenade, all problems look like a ....
hmm?
There's still plenty to figure out. For example, I'm not sure what
the user interface will be like. Now it just attempts to hijack
network communication. It also needs to sync with symbol renaming
in libc, and maybe autogenerate the non-schizophrenic wrappers
where the communication is heading to exactly one destination, lest
I'll be a mummmy by the time I finish writing them all. As a fun
example of a non-non-schizophrenic one, consider poll().
Work in progress, but I managed to get two non-rumped netcats
talking to each other or fetching the index from a non-rumped
thttpd. telnet works in one direction (i can read the data from
netcat, but anything i send back is not printed). bozohttpd uses
dup2() which i haven't bothered to address yet, etcetc.
(not hooking this up the build for now)
2011-01-07 22:52:43 +03:00
|
|
|
} else {
|
2011-02-08 22:12:54 +03:00
|
|
|
op_pollts = GETSYSCALL(rump, POLLTS);
|
2011-01-08 17:19:27 +03:00
|
|
|
adjustpoll(fds, nfds, fd_host2rump);
|
Begin work on a syscall hijacking library which can be LD_PRELOADed
to convince non-rumped applications to communicate with a rump
kernel instead of the host kernel. The precision of what goes
where is not exactly surgical, but for example when wanting to
debug a web server's TCP/IP stack interaction, it might be enough.
When all you have is a hand grenade, all problems look like a ....
hmm?
There's still plenty to figure out. For example, I'm not sure what
the user interface will be like. Now it just attempts to hijack
network communication. It also needs to sync with symbol renaming
in libc, and maybe autogenerate the non-schizophrenic wrappers
where the communication is heading to exactly one destination, lest
I'll be a mummmy by the time I finish writing them all. As a fun
example of a non-non-schizophrenic one, consider poll().
Work in progress, but I managed to get two non-rumped netcats
talking to each other or fetching the index from a non-rumped
thttpd. telnet works in one direction (i can read the data from
netcat, but anything i send back is not printed). bozohttpd uses
dup2() which i haven't bothered to address yet, etcetc.
(not hooking this up the build for now)
2011-01-07 22:52:43 +03:00
|
|
|
}
|
|
|
|
|
2011-01-08 21:11:46 +03:00
|
|
|
rv = op_pollts(fds, nfds, ts, sigmask);
|
Begin work on a syscall hijacking library which can be LD_PRELOADed
to convince non-rumped applications to communicate with a rump
kernel instead of the host kernel. The precision of what goes
where is not exactly surgical, but for example when wanting to
debug a web server's TCP/IP stack interaction, it might be enough.
When all you have is a hand grenade, all problems look like a ....
hmm?
There's still plenty to figure out. For example, I'm not sure what
the user interface will be like. Now it just attempts to hijack
network communication. It also needs to sync with symbol renaming
in libc, and maybe autogenerate the non-schizophrenic wrappers
where the communication is heading to exactly one destination, lest
I'll be a mummmy by the time I finish writing them all. As a fun
example of a non-non-schizophrenic one, consider poll().
Work in progress, but I managed to get two non-rumped netcats
talking to each other or fetching the index from a non-rumped
thttpd. telnet works in one direction (i can read the data from
netcat, but anything i send back is not printed). bozohttpd uses
dup2() which i haven't bothered to address yet, etcetc.
(not hooking this up the build for now)
2011-01-07 22:52:43 +03:00
|
|
|
if (rumpcall)
|
2011-01-08 17:19:27 +03:00
|
|
|
adjustpoll(fds, nfds, fd_rump2host);
|
Begin work on a syscall hijacking library which can be LD_PRELOADed
to convince non-rumped applications to communicate with a rump
kernel instead of the host kernel. The precision of what goes
where is not exactly surgical, but for example when wanting to
debug a web server's TCP/IP stack interaction, it might be enough.
When all you have is a hand grenade, all problems look like a ....
hmm?
There's still plenty to figure out. For example, I'm not sure what
the user interface will be like. Now it just attempts to hijack
network communication. It also needs to sync with symbol renaming
in libc, and maybe autogenerate the non-schizophrenic wrappers
where the communication is heading to exactly one destination, lest
I'll be a mummmy by the time I finish writing them all. As a fun
example of a non-non-schizophrenic one, consider poll().
Work in progress, but I managed to get two non-rumped netcats
talking to each other or fetching the index from a non-rumped
thttpd. telnet works in one direction (i can read the data from
netcat, but anything i send back is not printed). bozohttpd uses
dup2() which i haven't bothered to address yet, etcetc.
(not hooking this up the build for now)
2011-01-07 22:52:43 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
return rv;
|
|
|
|
}
|
|
|
|
|
|
|
|
int
|
2011-02-05 15:38:19 +03:00
|
|
|
poll(struct pollfd *fds, nfds_t nfds, int timeout)
|
Begin work on a syscall hijacking library which can be LD_PRELOADed
to convince non-rumped applications to communicate with a rump
kernel instead of the host kernel. The precision of what goes
where is not exactly surgical, but for example when wanting to
debug a web server's TCP/IP stack interaction, it might be enough.
When all you have is a hand grenade, all problems look like a ....
hmm?
There's still plenty to figure out. For example, I'm not sure what
the user interface will be like. Now it just attempts to hijack
network communication. It also needs to sync with symbol renaming
in libc, and maybe autogenerate the non-schizophrenic wrappers
where the communication is heading to exactly one destination, lest
I'll be a mummmy by the time I finish writing them all. As a fun
example of a non-non-schizophrenic one, consider poll().
Work in progress, but I managed to get two non-rumped netcats
talking to each other or fetching the index from a non-rumped
thttpd. telnet works in one direction (i can read the data from
netcat, but anything i send back is not printed). bozohttpd uses
dup2() which i haven't bothered to address yet, etcetc.
(not hooking this up the build for now)
2011-01-07 22:52:43 +03:00
|
|
|
{
|
2011-01-08 21:11:46 +03:00
|
|
|
struct timespec ts;
|
|
|
|
struct timespec *tsp = NULL;
|
|
|
|
|
|
|
|
if (timeout != INFTIM) {
|
|
|
|
ts.tv_sec = timeout / 1000;
|
2011-01-18 17:45:30 +03:00
|
|
|
ts.tv_nsec = (timeout % 1000) * 1000*1000;
|
2011-01-08 21:11:46 +03:00
|
|
|
|
|
|
|
tsp = &ts;
|
|
|
|
}
|
Begin work on a syscall hijacking library which can be LD_PRELOADed
to convince non-rumped applications to communicate with a rump
kernel instead of the host kernel. The precision of what goes
where is not exactly surgical, but for example when wanting to
debug a web server's TCP/IP stack interaction, it might be enough.
When all you have is a hand grenade, all problems look like a ....
hmm?
There's still plenty to figure out. For example, I'm not sure what
the user interface will be like. Now it just attempts to hijack
network communication. It also needs to sync with symbol renaming
in libc, and maybe autogenerate the non-schizophrenic wrappers
where the communication is heading to exactly one destination, lest
I'll be a mummmy by the time I finish writing them all. As a fun
example of a non-non-schizophrenic one, consider poll().
Work in progress, but I managed to get two non-rumped netcats
talking to each other or fetching the index from a non-rumped
thttpd. telnet works in one direction (i can read the data from
netcat, but anything i send back is not printed). bozohttpd uses
dup2() which i haven't bothered to address yet, etcetc.
(not hooking this up the build for now)
2011-01-07 22:52:43 +03:00
|
|
|
|
2011-02-07 13:28:18 +03:00
|
|
|
return REALPOLLTS(fds, nfds, tsp, NULL);
|
Begin work on a syscall hijacking library which can be LD_PRELOADed
to convince non-rumped applications to communicate with a rump
kernel instead of the host kernel. The precision of what goes
where is not exactly surgical, but for example when wanting to
debug a web server's TCP/IP stack interaction, it might be enough.
When all you have is a hand grenade, all problems look like a ....
hmm?
There's still plenty to figure out. For example, I'm not sure what
the user interface will be like. Now it just attempts to hijack
network communication. It also needs to sync with symbol renaming
in libc, and maybe autogenerate the non-schizophrenic wrappers
where the communication is heading to exactly one destination, lest
I'll be a mummmy by the time I finish writing them all. As a fun
example of a non-non-schizophrenic one, consider poll().
Work in progress, but I managed to get two non-rumped netcats
talking to each other or fetching the index from a non-rumped
thttpd. telnet works in one direction (i can read the data from
netcat, but anything i send back is not printed). bozohttpd uses
dup2() which i haven't bothered to address yet, etcetc.
(not hooking this up the build for now)
2011-01-07 22:52:43 +03:00
|
|
|
}
|
2011-01-18 14:04:10 +03:00
|
|
|
|
|
|
|
int
|
2011-02-08 17:45:35 +03:00
|
|
|
REALKEVENT(int kq, const struct kevent *changelist, size_t nchanges,
|
2011-01-18 14:04:10 +03:00
|
|
|
struct kevent *eventlist, size_t nevents,
|
|
|
|
const struct timespec *timeout)
|
|
|
|
{
|
2011-02-08 17:45:35 +03:00
|
|
|
int (*op_kevent)(int, const struct kevent *, size_t,
|
|
|
|
struct kevent *, size_t, const struct timespec *);
|
|
|
|
const struct kevent *ev;
|
|
|
|
size_t i;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Check that we don't attempt to kevent rump kernel fd's.
|
|
|
|
* That needs similar treatment to select/poll, but is slightly
|
|
|
|
* trickier since we need to manage to different kq descriptors.
|
|
|
|
* (TODO, in case you're wondering).
|
|
|
|
*/
|
|
|
|
for (i = 0; i < nchanges; i++) {
|
|
|
|
ev = &changelist[i];
|
|
|
|
if (ev->filter == EVFILT_READ || ev->filter == EVFILT_WRITE ||
|
|
|
|
ev->filter == EVFILT_VNODE) {
|
2011-02-15 16:59:28 +03:00
|
|
|
if (fd_isrump((int)ev->ident))
|
2011-02-08 17:45:35 +03:00
|
|
|
return ENOTSUP;
|
|
|
|
}
|
|
|
|
}
|
2011-01-18 14:04:10 +03:00
|
|
|
|
2011-02-08 22:12:54 +03:00
|
|
|
op_kevent = GETSYSCALL(host, KEVENT);
|
2011-02-08 17:45:35 +03:00
|
|
|
return op_kevent(kq, changelist, nchanges, eventlist, nevents, timeout);
|
2011-01-18 14:04:10 +03:00
|
|
|
}
|
2011-01-25 15:18:33 +03:00
|
|
|
|
|
|
|
/*
|
|
|
|
* Rest are std type calls.
|
|
|
|
*/
|
|
|
|
|
|
|
|
FDCALL(int, bind, DUALCALL_BIND, \
|
|
|
|
(int fd, const struct sockaddr *name, socklen_t namelen), \
|
|
|
|
(int, const struct sockaddr *, socklen_t), \
|
|
|
|
(fd, name, namelen))
|
|
|
|
|
|
|
|
FDCALL(int, connect, DUALCALL_CONNECT, \
|
|
|
|
(int fd, const struct sockaddr *name, socklen_t namelen), \
|
|
|
|
(int, const struct sockaddr *, socklen_t), \
|
|
|
|
(fd, name, namelen))
|
|
|
|
|
|
|
|
FDCALL(int, getpeername, DUALCALL_GETPEERNAME, \
|
|
|
|
(int fd, struct sockaddr *name, socklen_t *namelen), \
|
|
|
|
(int, struct sockaddr *, socklen_t *), \
|
|
|
|
(fd, name, namelen))
|
|
|
|
|
|
|
|
FDCALL(int, getsockname, DUALCALL_GETSOCKNAME, \
|
|
|
|
(int fd, struct sockaddr *name, socklen_t *namelen), \
|
|
|
|
(int, struct sockaddr *, socklen_t *), \
|
|
|
|
(fd, name, namelen))
|
|
|
|
|
|
|
|
FDCALL(int, listen, DUALCALL_LISTEN, \
|
|
|
|
(int fd, int backlog), \
|
|
|
|
(int, int), \
|
|
|
|
(fd, backlog))
|
|
|
|
|
|
|
|
FDCALL(ssize_t, recvfrom, DUALCALL_RECVFROM, \
|
|
|
|
(int fd, void *buf, size_t len, int flags, \
|
|
|
|
struct sockaddr *from, socklen_t *fromlen), \
|
|
|
|
(int, void *, size_t, int, struct sockaddr *, socklen_t *), \
|
|
|
|
(fd, buf, len, flags, from, fromlen))
|
|
|
|
|
|
|
|
FDCALL(ssize_t, sendto, DUALCALL_SENDTO, \
|
|
|
|
(int fd, const void *buf, size_t len, int flags, \
|
|
|
|
const struct sockaddr *to, socklen_t tolen), \
|
|
|
|
(int, const void *, size_t, int, \
|
|
|
|
const struct sockaddr *, socklen_t), \
|
|
|
|
(fd, buf, len, flags, to, tolen))
|
|
|
|
|
|
|
|
FDCALL(ssize_t, recvmsg, DUALCALL_RECVMSG, \
|
|
|
|
(int fd, struct msghdr *msg, int flags), \
|
|
|
|
(int, struct msghdr *, int), \
|
|
|
|
(fd, msg, flags))
|
|
|
|
|
|
|
|
FDCALL(ssize_t, sendmsg, DUALCALL_SENDMSG, \
|
|
|
|
(int fd, const struct msghdr *msg, int flags), \
|
|
|
|
(int, const struct msghdr *, int), \
|
|
|
|
(fd, msg, flags))
|
|
|
|
|
|
|
|
FDCALL(int, getsockopt, DUALCALL_GETSOCKOPT, \
|
|
|
|
(int fd, int level, int optn, void *optval, socklen_t *optlen), \
|
|
|
|
(int, int, int, void *, socklen_t *), \
|
|
|
|
(fd, level, optn, optval, optlen))
|
|
|
|
|
|
|
|
FDCALL(int, setsockopt, DUALCALL_SETSOCKOPT, \
|
|
|
|
(int fd, int level, int optn, \
|
|
|
|
const void *optval, socklen_t optlen), \
|
|
|
|
(int, int, int, const void *, socklen_t), \
|
|
|
|
(fd, level, optn, optval, optlen))
|
|
|
|
|
|
|
|
FDCALL(int, shutdown, DUALCALL_SHUTDOWN, \
|
|
|
|
(int fd, int how), \
|
|
|
|
(int, int), \
|
|
|
|
(fd, how))
|
|
|
|
|
2011-01-26 21:48:32 +03:00
|
|
|
#if _FORTIFY_SOURCE > 0
|
|
|
|
#define STUB(fun) __ssp_weak_name(fun)
|
|
|
|
ssize_t _sys_readlink(const char * __restrict, char * __restrict, size_t);
|
|
|
|
ssize_t
|
|
|
|
STUB(readlink)(const char * __restrict path, char * __restrict buf,
|
|
|
|
size_t bufsiz)
|
|
|
|
{
|
|
|
|
return _sys_readlink(path, buf, bufsiz);
|
|
|
|
}
|
|
|
|
|
|
|
|
char *_sys_getcwd(char *, size_t);
|
|
|
|
char *
|
|
|
|
STUB(getcwd)(char *buf, size_t size)
|
|
|
|
{
|
|
|
|
return _sys_getcwd(buf, size);
|
|
|
|
}
|
|
|
|
#else
|
|
|
|
#define STUB(fun) fun
|
|
|
|
#endif
|
|
|
|
|
2011-02-07 15:23:05 +03:00
|
|
|
FDCALL(ssize_t, REALREAD, DUALCALL_READ, \
|
2011-01-25 15:18:33 +03:00
|
|
|
(int fd, void *buf, size_t buflen), \
|
|
|
|
(int, void *, size_t), \
|
|
|
|
(fd, buf, buflen))
|
|
|
|
|
2011-01-25 15:21:36 +03:00
|
|
|
FDCALL(ssize_t, readv, DUALCALL_READV, \
|
2011-01-25 15:18:33 +03:00
|
|
|
(int fd, const struct iovec *iov, int iovcnt), \
|
|
|
|
(int, const struct iovec *, int), \
|
|
|
|
(fd, iov, iovcnt))
|
|
|
|
|
|
|
|
FDCALL(ssize_t, writev, DUALCALL_WRITEV, \
|
|
|
|
(int fd, const struct iovec *iov, int iovcnt), \
|
|
|
|
(int, const struct iovec *, int), \
|
|
|
|
(fd, iov, iovcnt))
|
2011-02-17 15:23:58 +03:00
|
|
|
|
|
|
|
FDCALL(int, REALFSTAT, DUALCALL_FSTAT, \
|
|
|
|
(int fd, struct stat *sb), \
|
|
|
|
(int, struct stat *), \
|
|
|
|
(fd, sb))
|
|
|
|
|
|
|
|
FDCALL(int, fstatvfs1, DUALCALL_FSTATVFS1, \
|
|
|
|
(int fd, struct statvfs *buf, int flags), \
|
|
|
|
(int, struct statvfs *, int), \
|
|
|
|
(fd, buf, flags))
|
|
|
|
|
|
|
|
FDCALL(off_t, lseek, DUALCALL_LSEEK, \
|
|
|
|
(int fd, off_t offset, int whence), \
|
|
|
|
(int, off_t, int), \
|
|
|
|
(fd, offset, whence))
|
|
|
|
|
|
|
|
FDCALL(int, REALGETDENTS, DUALCALL_GETDENTS, \
|
|
|
|
(int fd, char *buf, size_t nbytes), \
|
|
|
|
(int, char *, size_t), \
|
|
|
|
(fd, buf, nbytes))
|
|
|
|
|
|
|
|
FDCALL(int, fchown, DUALCALL_FCHOWN, \
|
|
|
|
(int fd, uid_t owner, gid_t group), \
|
|
|
|
(int, uid_t, gid_t), \
|
|
|
|
(fd, owner, group))
|
|
|
|
|
|
|
|
FDCALL(int, fchmod, DUALCALL_FCHMOD, \
|
|
|
|
(int fd, mode_t mode), \
|
|
|
|
(int, mode_t), \
|
|
|
|
(fd, mode))
|
|
|
|
|
|
|
|
FDCALL(int, ftruncate, DUALCALL_FTRUNCATE, \
|
|
|
|
(int fd, off_t length), \
|
|
|
|
(int, off_t), \
|
|
|
|
(fd, length))
|
|
|
|
|
|
|
|
FDCALL(int, fsync, DUALCALL_FSYNC, \
|
|
|
|
(int fd), \
|
|
|
|
(int), \
|
|
|
|
(fd))
|
|
|
|
|
|
|
|
FDCALL(int, fsync_range, DUALCALL_FSYNC_RANGE, \
|
|
|
|
(int fd, int how, off_t start, off_t length), \
|
|
|
|
(int, int, off_t, off_t), \
|
|
|
|
(fd, how, start, length))
|
|
|
|
|
|
|
|
FDCALL(int, futimes, DUALCALL_FUTIMES, \
|
|
|
|
(int fd, const struct timeval *tv), \
|
|
|
|
(int, const struct timeval *), \
|
|
|
|
(fd, tv))
|
|
|
|
|
|
|
|
/*
|
|
|
|
* path-based selectors
|
|
|
|
*/
|
|
|
|
|
|
|
|
PATHCALL(int, REALSTAT, DUALCALL_STAT, \
|
|
|
|
(const char *path, struct stat *sb), \
|
|
|
|
(const char *, struct stat *), \
|
|
|
|
(path, sb))
|
|
|
|
|
|
|
|
PATHCALL(int, REALLSTAT, DUALCALL_LSTAT, \
|
|
|
|
(const char *path, struct stat *sb), \
|
|
|
|
(const char *, struct stat *), \
|
|
|
|
(path, sb))
|
|
|
|
|
|
|
|
PATHCALL(int, chown, DUALCALL_CHOWN, \
|
|
|
|
(const char *path, uid_t owner, gid_t group), \
|
|
|
|
(const char *, uid_t, gid_t), \
|
|
|
|
(path, owner, group))
|
|
|
|
|
|
|
|
PATHCALL(int, lchown, DUALCALL_LCHOWN, \
|
|
|
|
(const char *path, uid_t owner, gid_t group), \
|
|
|
|
(const char *, uid_t, gid_t), \
|
|
|
|
(path, owner, group))
|
|
|
|
|
|
|
|
PATHCALL(int, chmod, DUALCALL_CHMOD, \
|
|
|
|
(const char *path, mode_t mode), \
|
|
|
|
(const char *, mode_t), \
|
|
|
|
(path, mode))
|
|
|
|
|
|
|
|
PATHCALL(int, lchmod, DUALCALL_LCHMOD, \
|
|
|
|
(const char *path, mode_t mode), \
|
|
|
|
(const char *, mode_t), \
|
|
|
|
(path, mode))
|
|
|
|
|
|
|
|
PATHCALL(int, statvfs1, DUALCALL_STATVFS1, \
|
|
|
|
(const char *path, struct statvfs *buf, int flags), \
|
|
|
|
(const char *, struct statvfs *, int), \
|
|
|
|
(path, buf, flags))
|
|
|
|
|
|
|
|
PATHCALL(int, unlink, DUALCALL_UNLINK, \
|
|
|
|
(const char *path), \
|
|
|
|
(const char *), \
|
|
|
|
(path))
|
|
|
|
|
|
|
|
PATHCALL(int, symlink, DUALCALL_SYMLINK, \
|
|
|
|
(const char *path, const char *target), \
|
|
|
|
(const char *, const char *), \
|
|
|
|
(path, target))
|
|
|
|
|
|
|
|
PATHCALL(int, readlink, DUALCALL_READLINK, \
|
|
|
|
(const char *path, char *buf, size_t bufsiz), \
|
|
|
|
(const char *, char *, size_t), \
|
|
|
|
(path, buf, bufsiz))
|
|
|
|
|
|
|
|
/* XXX: cross-kernel renames need to be blocked */
|
|
|
|
PATHCALL(int, rename, DUALCALL_RENAME, \
|
|
|
|
(const char *path, const char *to), \
|
|
|
|
(const char *, const char *), \
|
|
|
|
(path, to))
|
|
|
|
|
|
|
|
PATHCALL(int, mkdir, DUALCALL_MKDIR, \
|
|
|
|
(const char *path, mode_t mode), \
|
|
|
|
(const char *, mode_t), \
|
|
|
|
(path, mode))
|
|
|
|
|
|
|
|
PATHCALL(int, rmdir, DUALCALL_RMDIR, \
|
|
|
|
(const char *path), \
|
|
|
|
(const char *), \
|
|
|
|
(path))
|
|
|
|
|
|
|
|
PATHCALL(int, utimes, DUALCALL_UTIMES, \
|
|
|
|
(const char *path, const struct timeval *tv), \
|
|
|
|
(const char *, const struct timeval *), \
|
|
|
|
(path, tv))
|
|
|
|
|
|
|
|
PATHCALL(int, lutimes, DUALCALL_LUTIMES, \
|
|
|
|
(const char *path, const struct timeval *tv), \
|
|
|
|
(const char *, const struct timeval *), \
|
|
|
|
(path, tv))
|
|
|
|
|
|
|
|
PATHCALL(int, truncate, DUALCALL_TRUNCATE, \
|
|
|
|
(const char *path, off_t length), \
|
|
|
|
(const char *, off_t), \
|
|
|
|
(path, length))
|